Filtering and searching alerts by source address

You can filter alerts and search the alerts table for specific alerts based on the Update source criterion , which indicates the alert source address. For example, this can be the email address from which a malicious file was sent, or the IP address of the computer on your corporate LAN to which a malicious file was downloaded.

To filter or search alerts by source address:

  1. Select the Alerts section in the window of the program web interface.

    This opens the table of alerts.

  2. Click the Update source link to open the filter configuration window.
  3. In the drop-down list, select one of the following alert filtering operators:
    • Contains.
    • Does not contain.
    • Matches the pattern
    • Does not match the pattern
  4. In the entry field, specify one or several characters of the alert source address.
  5. To add a filter condition using a different criterion, click Apt_icon_alerts_add_filter and specify the filter condition.
  6. Click Apply.

The table of alerts displays only alerts matching the filter criteria you have set.

See also

Filtering, sorting, and searching alerts

Filtering alerts by VIP status

Filtering and searching alerts by time

Filtering alerts by level of importance

Filtering and searching alerts by categories of objects detected

Filtering and searching alerts by obtained information

Filtering and searching alerts by destination address

Filtering and searching alerts by server name

Filtering and searching alerts by technology name

Filtering and searching alerts by the status of their processing by the user

Sorting alerts in the table

Quickly creating an alert filter

Clearing an alert filter

Page top