Filtering and searching alerts by source address

You can filter alerts and search the alerts table for specific alerts based on the Source criterion , which indicates the alert source address. For example, this can be the email address from which a malicious file was sent, or the IP address of the computer on your corporate LAN to which a malicious file was downloaded.

To filter or search alerts by source address:

1. Select the Alerts section in the window of the program web interface.

   The table of alerts opens.

2. Click the Source link to open the filter configuration window.
3. In the drop-down list, select one of the following alert filtering operators:
   • Contains.
   • Does not contain.
   • Matches the pattern
   • Does not match the pattern
4. In the entry field, specify one or several characters of the alert source address.
5. To add a filter condition using a different criterion, click and specify the filter condition.
6. Click the Apply button.

The table of alerts displays only alerts matching the filter criteria you have set.

See also Filtering and searching alerts Filtering alerts by VIP status Filtering and searching alerts by time Filtering alerts by level of importance Filtering and searching alerts by categories of objects detected Filtering and searching alerts by obtained information Filtering and searching alerts by destination address Filtering and searching alerts by server name Filtering and searching alerts based on names of program modules and components Filtering and searching alerts by the status of their processing by the user Quickly creating an alert filter Clearing an alert filter

Page top