Introduction


Alert history helps you drill down to the root-cause data for every individual alert notification. It provides a detailed examination of the documents that match the alert rule and of the notification status, presented with user-friendly charts.


Pre-requisites


Step-by-Step Instruction


Click on Alert History in the Menu.


Figure: Alert History



1. Alert history provides detailed information in the form of a stacked bar chart, a line chart and an alert list.


Stacked bar chart

The stacked bar chart shows results by alert type (Critical/Information/Warning), broken down by notification status (Success/Failure/Snoozed) for each type.


Line chart

The line chart shows results by triggered time, split by alert type (Critical/Information/Warning).


Alert List

The alert list groups results by:

  • Alert Name
  • Alert Type (Critical/Information/Warning)
  • Last Triggered Time
  • Number of notifications sent, failed and snoozed



Figure: Alert History of Particular Alert Name

2. Click the particular row to drill down further, as shown in the figure above.


3. The alert history for a particular alert name (in this example, Possible port scanning) provides further details on each notification, such as the email id, webhook name and Elastic index.
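The three views described above (stacked bar chart by type and status, line chart by triggered time, and the grouped alert list) and the per-alert notification detail of step 3 are all aggregations over the same notification records. The following is an added example, not code from the product or its documentation, that computes each view from a constructed set of records. The record schema, the hourly time bucket, and the mapping of the "sent" count to the Success status are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample notification records (not real product data).
# Schema is an assumption: alert name, type, triggered time (ISO 8601),
# notification status, channel, channel target, and Elastic index queried.
NOTIFICATIONS = [
    {"alert": "Possible port scanning", "type": "Critical",
     "triggered": "2024-01-10T09:05:00", "status": "Success",
     "channel": "email", "target": "soc@example.com", "index": "netflow-*"},
    {"alert": "Possible port scanning", "type": "Critical",
     "triggered": "2024-01-10T10:15:00", "status": "Failure",
     "channel": "webhook", "target": "pager-hook", "index": "netflow-*"},
    {"alert": "Possible port scanning", "type": "Critical",
     "triggered": "2024-01-10T11:30:00", "status": "Snoozed",
     "channel": "email", "target": "soc@example.com", "index": "netflow-*"},
    {"alert": "Disk usage high", "type": "Warning",
     "triggered": "2024-01-10T09:40:00", "status": "Success",
     "channel": "email", "target": "ops@example.com", "index": "metricbeat-*"},
    {"alert": "Disk usage high", "type": "Warning",
     "triggered": "2024-01-10T10:50:00", "status": "Success",
     "channel": "email", "target": "ops@example.com", "index": "metricbeat-*"},
    {"alert": "New user created", "type": "Information",
     "triggered": "2024-01-10T09:55:00", "status": "Failure",
     "channel": "webhook", "target": "audit-hook", "index": "auditbeat-*"},
]

STATUSES = ("Success", "Failure", "Snoozed")
# Assumption: the alert list's "sent" column counts Success notifications.
STATUS_TO_COLUMN = {"Success": "sent", "Failure": "failed", "Snoozed": "snoozed"}


def stacked_bar_data(records):
    """Alert type -> {status: count}; one stacked bar per type."""
    out = defaultdict(lambda: {s: 0 for s in STATUSES})
    for r in records:
        out[r["type"]][r["status"]] += 1
    return dict(out)


def line_chart_data(records, bucket_fmt="%Y-%m-%dT%H"):
    """Time bucket (hourly by default) -> {alert type: count}, in time order."""
    out = defaultdict(lambda: defaultdict(int))
    for r in records:
        bucket = datetime.fromisoformat(r["triggered"]).strftime(bucket_fmt)
        out[bucket][r["type"]] += 1
    return {b: dict(out[b]) for b in sorted(out)}


def alert_list(records):
    """Alert name -> type, last triggered time, and sent/failed/snoozed counts."""
    rows = {}
    for r in records:
        row = rows.setdefault(r["alert"], {
            "type": r["type"], "last_triggered": r["triggered"],
            "sent": 0, "failed": 0, "snoozed": 0,
        })
        # ISO 8601 strings in one format compare correctly as text.
        row["last_triggered"] = max(row["last_triggered"], r["triggered"])
        row[STATUS_TO_COLUMN[r["status"]]] += 1
    return rows


def drill_down(records, alert_name):
    """Per-notification detail for one alert name (step 3 view)."""
    keys = ("triggered", "status", "channel", "target", "index")
    return [{k: r[k] for k in keys} for r in records if r["alert"] == alert_name]


if __name__ == "__main__":
    for name, row in alert_list(NOTIFICATIONS).items():
        print(f"{name}: {row}")
    for detail in drill_down(NOTIFICATIONS, "Possible port scanning"):
        print(detail)
```

Each function returns plain dictionaries so the same data can feed a charting library or be checked in a unit test; a failed-notification count that keeps growing for one alert, for example, is exactly what the stacked bar view is meant to surface.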


Figure: Drill down data of triggered alert

To get detailed information on the documents and the result count for the triggered alert, click on the particular row.


4. Click the particular row to get detailed information on the documents that match the alert rule, as shown above.


5. The detailed analysis of the document count and the group-by result that matches the alert condition is shown above.


6. The detailed drill-down of the matching documents and their details is shown above.