Viewing Alert Events (Methods of)
Information on alert events, which are generated by alerts being triggered, can be viewed or received in any of the following ways:
• On the Alerts tab (on the Activity Monitoring page), which displays a list of all alert events (i.e. all alerts triggered), and allows all alert events to be viewed in one place, where the color of the alert icon corresponds to the alert risk level detected.
• In the Session Viewer, the name of an alert triggered is displayed in the Alert/USB Rule column on the right (in the Metadata grid), where the alert events are highlighted in different colors depending on the alert risk level detected.
- Alerts with the Critical risk level are indicated by a red () icon.
- Alerts with the High risk level are indicated by an orange () icon.
- Alerts with the Normal risk level are indicated by a blue () icon.
The Alert ID is also displayed in the Details area (underneath the Session Player) when a record containing an alert is selected or played.
• In the list of Client Sessions (on the Activity Monitoring page), sessions that contain alert events are marked with a special icon in the Alerts column, where the color of the alert icon corresponds to the highest alert risk level detected in the session.
• On the Recent Alerts dashboard, which contains information about alerts triggered within a specific time period and a list of notifications (i.e. alert events) for each alert, where the color of the alert bars depends on the alert risk level and the dashboard settings.
• If the Send emails to checkbox is selected (on the Edit Alert page, scroll down to the Actions section at the bottom) to enable this option, the information about alert events will be sent to the recipients defined. To receive notifications by email, define the Email Sending Settings. Each email contains metadata on the alert event (i.e. Alert ID, Alert, Description, Who, What, When, Where, Username, Application, and the name of the alert rule parameter (e.g. "Title", where the keyword identifier value defined in the alert rule that triggered the alert is displayed, e.g. "*.xlsx")), and an Open Session link to open the Client session containing this particular alert in the Session Viewer. You can customize the subjects of the emails in the email notifications sent by Syteca. To define the subjects of the email notifications, click the Configuration navigation link on the left, and then select the Customization tab, and scroll down to the Custom Email Subjects section.
• If the Show warnings in Tray Notifications application checkbox is selected (on the Edit Alert page, scroll down to the Actions section at the bottom) to enable this option, the information about alert events will be sent to the Syteca Tray Notifications application. To receive alert notifications in the Tray Notifications application, do the following:
1. Install the Syteca Tray Notifications application on the computer where alert notifications are to be received.
2. Log in to the Tray Notifications application as a user of Syteca.
3. Start receiving alert notifications in the Windows system tray.
4. Use the Syteca Tray Notifications Journal to view the history of tray notifications received and get more information on each alert event by opening the session in the Session Viewer.
NOTE: For further information, please see the Help option in the Tray Notifications application.