Manage alerts
Here are the different ways you can manage alerts in Risk Monitor.
View alerts
To view a list of all alerts and see the details of a specific alert:
-
On the menu bar, select the Configuration cogwheel icon, and then select Alerting & API from the menu on the left side of the screen.
A list of created alerts, if any, is shown on the View tab on the Alerting & API view.
-
Select the plus icon to the left of an alert name in the list to see more details of the alert configuration, such as the criteria for receiving alert data, the fields to be included in the alert data, and the email addresses of recipients if email notifications are enabled.
Create alert
Create an alert to receive data extracts every time the criteria specified in the alert are met.
The alert data that meets the criteria specified is always available to download via API. You can also choose to receive email alerts when the criteria are met.
-
In the Configuration view, select Alerting & API, and then select the Create tab.
-
In the Name section, enter a name for the alert.
The name is displayed in the alert email.
-
Optionally, in the Type section, select to receive email notifications of alerts that meet the specified criteria.
-
Select the the Email checkbox.
-
In the Recipients section, enter one or more email addresses for the recipients of the email notifications.
-
-
In the Data Content section, specify the scope of the alert by selecting one of the following alternatives from the list.
-
Everything: both new and previously reported items are included in the alert data.
-
New Items: only items found since the previous alert was sent is included in the alert data.
-
-
In the Data Fields section, select at least one data field that you want to include in the alert data.
-
Optionally, define the criteria for triggering the alert in the Condition section.
noteIf you do not select any criteria for the alert, all of the data for your organization is included in the data extract which can result in a large amount of data.
-
Select the Enable Conditions checkbox.
-
In the Choose a filter list, select the filter on which you want to base the criterion, for example Support Ended or User Authorised
-
In the Choose a condition list, select the condition for the criterion, for example Equals.
Available conditions depend on the selected filter.
-
In the Choose values list, select the value for the criterion, for example True.
Available values depend on the selected filter.
-
To add more criteria, select the plus icon to the left of the criterion row to create a new row, and then select a filter, condition, and value as described above.
You can add as many criteria as you like.
noteTo be alerted whenever an app from the manufacturer BigCorp, with a base score of 9 or higher, is found in your IT estate, include the following two criteria in the alert:
Criterion no. Filter Condition Value(s) 1 Manufacturer Equals BigCorp 2 Base Score Greater Than or Equal To 9 -
-
Select Save.
The alert is validated for up to a couple of minutes, after which a dialog box displays the results of the validation.
-
Select Save.
If you select to receive email notifications, an alert email will be sent every time the criteria for triggering the alert is met.
To retrieve data extracts via API, see Alert API.
noteThe first email for a new alert will be sent at the earliest the day after it was created, since the data has to be processed for the new alert criteria.
Alert emails contain a link to a data extract which is password protected. Continue with Manage password to see the current password, or to change it.
Manage password
The data extract containing the alert issues is password protected. To see the current password, or to change password:
-
In the Configuration view, select Alerting & API, and then select the Setup tab.
-
To see the current password, select Show in the Current Password section.
-
To change password, enter the new password in the Password and Re-enter Password boxes in the Change Password section, and then select Save.
-
Enable or disable alert
When an alert is created it is automatically enabled. When an alert is disabled, access to the alert data via the Alert API is restricted and alert emails will not be sent.
If a disabled alert is enabled, the first data extract will contain all issues found since the alert was disabled.
-
Go to the list of alerts, see View alerts.
-
In the Status column, select the Enabled/Disabled toggle switch in a row to enable or disable the alert in that row.
Delete alert
Delete an alert to remove it from the system. No more alert emails will be sent for the alert, and data extracts will no longer be available for download via the Alert API.
-
Go to the list of alerts, see View alerts.
-
Select Delete in a row to delete the alert in that row.
A message confirming the removal of the alert will appear.