Viewing the alert table

May 15, 2024

ID 221571

The alert table provides you with an overview of all alerts registered by Open Single Management Platform.

To view the alert table:

  1. In the main menu, go to Monitoring & reporting → Alerts.
  2. If necessary, apply the tenant filter. By default, the tenant filter is disabled and the alert table displays the alerts related to all of the tenants to which you have access rights. To apply the tenant filter:
    1. Click the link next to the Tenant filter setting.

      The tenant filter opens.

    2. Select the check boxes next to the required tenants.

      The alert table displays only the alerts detected on the selected tenants.

The alert table is displayed.

The alert table has the following columns:

  • Alert ID. The unique identifier of an alert.
  • Registered. The date and time when the alert was added to the alert table.
  • Updated. The date and time of the last change from the alert history.
  • Status. The current status of the alert.
  • Analyst. The current assignee of the alert.
  • Tenant. The name of the tenant in which the alert was detected.
  • Technology. The technology that detected the alert.
  • Rules. The IOC or IOA rules that were triggered to detect the alert.
  • Affected assets. The devices and users that were affected by the alert.
  • Observables. Detection artifacts, for example IP addresses or MD5 hashes of files.
  • Incident link type. The way an alert is added to an incident.
  • Severity. The severity of the alert.
  • Status changed. The date and time of the last alert status change.

See also:

About alerts

Viewing alert details

Assigning alerts to analysts

Changing an alert status

Linking alerts to incidents

Unlinking alerts from incidents
