Adding and Editing an Alert
Scenario
This section describes how to add or edit an alert.
Adding an Alert
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose .
Figure 2 Alerts
- On the Alerts page, click Add. On the Add page displayed on the right, set parameters as described in Table 1.
Table 1 Alert parameters

| Group | Parameter | Description |
|---|---|---|
| Basic information | Alert Name | User-defined alert name. The value must contain: only uppercase letters, lowercase letters, digits, and the special characters: -_ (); a maximum of 255 characters. |
| Basic information | Alert Type | Alert type |
| Basic information | Alert Severity | Alert severity. The options are Informational, Low, Medium, High, and Critical. |
| Basic information | Status | Alert status. The options are Open, Blocked, and Closed. |
| Basic information | (Optional) Owner | Primary owner of the alert. |
| Basic information | Data Source Product Name | Data source name |
| Basic information | Data Source Type | Type of the data source. The options are Cloud Service, Third-party, and Private. |
| Timeline | First Occurrence Time | Time when an alert is generated for the first time. |
| Timeline | (Optional) Last Occurrence Time | Last time when an alert was generated |
| Timeline | (Optional) Planned Closure Time | Time when the alert plan is disabled. |
| Other | (Optional) Verification Status | Verification status of the alert to identify the accuracy of the alert. The options are Unknown, Positive, and False positive. |
| Other | (Optional) Stage | Alert phase. Preparation: Prepare resources to process the alert; Detection and analysis: Detect and analyze the cause of an alert; Containment, extradition, and recovery: Handle an alert; Post Incident Activity: Follow-up activities. |
| Other | (Optional) Debugging data | Whether to enable simulated debugging. |
| Other | (Optional) Labels | Alert labels. |
| Other | Description | Alert description. The value can contain: only uppercase letters, lowercase letters, digits, and the special characters: -_ (); a maximum of 1,024 characters. |
- Click OK.
Editing an Alert
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 3 Workspace management page
- In the navigation pane on the left, choose .
Figure 4 Alerts
- In the alert list, locate the row that contains the target alert and click in the Operation column.
- On the Edit slide-out that is displayed, modify alert parameters. For details about the parameters, see Table 2.
Table 2 Alert parameters

| Group | Parameter | Description |
|---|---|---|
| Basic Information | Alert Name | User-defined alert name. The value must contain: only uppercase letters, lowercase letters, digits, and the special characters: -_ (); a maximum of 255 characters. |
| Basic Information | Alert Type | Alert type |
| Basic Information | Alert Severity | Alert severity. The options are Tips, Low, Medium, High, and Fatal. |
| Basic Information | Status | Alert status. The options are Open, Blocked, and Closed. |
| Basic Information | (Optional) Owner | Primary owner of the alert. |
| Basic Information | Data Source Product Name | Name of the data source, which cannot be changed |
| Basic Information | Data Source Type | Type of the data source, which cannot be changed |
| Timeline | First Occurrence Time | Time when an alert is generated for the first time. |
| Timeline | Last Occurrence Time | Last time when an alert was generated |
| Timeline | Planned Closure Time | Time when the alert plan is disabled. |
| Other | Labels | Alert labels. |
| Other | Debugging data | Whether to enable simulated debugging. This parameter cannot be modified once configured. |
| Other | Verification Status | Verification status of the alert to identify the accuracy of the alert. The options are Unknown, Positive, and False positive. |
| Other | Stage | Alert phase. Preparation: Prepare resources to process the alert; Detection and analysis: Detect and analyze the cause of an alert; Contain, extradition, and recovery: Handle an alert; Post Incident Activity: Follow-up activities. |
| Other | Description | Alert description. The value can contain: only uppercase letters, lowercase letters, digits, and the special characters: -_ (); a maximum of 1,024 characters. |
- Click OK.