Filtering and searching alerts by technology name

You can filter alerts and search the alerts table for specific alerts based on the Technologies criterion, which indicates the names of application modules or components that created the alert.

To filter alerts by technology name:

1. Select the Alerts section in the window of the application web interface.

   This opens the table of alerts.

2. Click the Technologies link to open the filter configuration window.
3. In the drop-down list, select one of the following alert filtering operators:
   • Contain if you want the application to display alerts generated by the specified application module or component.
   • Not contain if you want the application to hide alerts generated by the specified application module or component.
   • Equal to if you want the application to display alerts generated by the specified application module or component.
   • Not equal to if you want the application to hide alerts generated by the specified application module or component.
4. In the drop-down list to the right of the alert filtering operator that you have selected, select the name of the technology which you want to filter alerts:
   • (YARA) YARA.
   • (SB) Sandbox.
   • (URL) URL Reputation.
   • (IDS) Intrusion Detection System.
   • (AM) Anti-Malware Engine.
   • (TAA) Targeted Attack Analyzer.
   • (IOC) IOC.
   • (NDR: IDS) Intrusion Detection System.
   • (NDR: EA) External Analysis.

   For example, if you want the application to display alerts generated as a result of scanning by the Sandbox component, select the Contain filtering operator and the name of the (SB) Sandbox component.

5. To add a filter condition using a different criterion, click and specify the filter condition.
6. Click Apply.

The table of alerts displays only alerts matching the filter criteria you have set.