Alpha Help Center
  • All Files

© 2017, cmdWatch Inc. All rights reserved.

Revised: 6/23/2017 11:52:29 AM

Monitoring alerts

The Alerts page displays a list of all unresolved violation alerts in the system. At the top of the page are 3 charts that help identify the level of alert activity in the system:

  1. Violations — number of unresolved and resolved violations in the past month.
  2. Unresolved violations — by risk level
  3. Time to resolve violations (Past month)

On the main Alerts page is a list of unresolved alerts. You can access the list of resolved alerts and notifications from the left menu pane. If you do not see the left menu pane, swipe to the left browser edge to show the menu.

Filter alerts

On the Alerts page, you can filter the listed alerts by doing any of the following:

Sort alert details

On the Alerts page, you can sort the listed alerts doing any of the following:

Export alerts list

On the Alerts page, you can export the list of displayed alerts.

  1. Click on the top-right corner of the table to export a copy of the listed items in .CSV or JSON format.
    1. In the following dialog, select the preferred export format from the drop down list.
    2. Enter the number of rows that you want to export.
    3. Select the headings that you want to include in the export.
    4. Click Export.
    5. In the following dialog, right-click the bar and save the linked target file as instructed.
    6. When the file finishes downloading, click OK to close the dialog.

Display alert summaries

On the Alerts page, hover over the alert command or link text in the table to see a summary of the server, session, user status, or number of violations associated with that alert.

Display command in detail

On the Alerts page, click a row to expand and show the alert command in the terminal display.

ClosedA. Search

Use the search bar to find specific command text.

ClosedB. Display mode

Click to display the commands in List mode.

Click to display the commands in Hierarchy mode.

ClosedC. User only

Toggle this option to only show all commands or only commands executed by a user.

ClosedD. Details

Toggle this option to show or hide the Details pane.

When you select any command in the terminal, the Details pane displays the information about the source of the command and any affected files.

In the Details pane, hover or click any linked text to see more details.

ClosedE. Scrub data

Scrubbing data redacts the command or output for all users.

NOTE: When you scrub one command, all instances of the same command is scrubbed as well.

  1. Click to manually scrub sensitive information.

    The icon is displayed in the Details pane or in the top-right corner of the command output display.

  2. When the field becomes editable, press Backspace to scrub some or all of the displayed information.
  3. Click to save your changes.
  4. In the confirmation dialog, click Scrub.
ClosedF. Customize

Click to customize the terminal display. For more information, see Configuring your terminal display.

ClosedG. Maximize

Click to maximize the terminal display.

Resolve an alert

On the Alerts page, you can resolve any alert in the Unresolved list.

  1. At the right-end of the alert row, click Resolve.
    1. In the following dialog, enter any required notes related to the alert.
    2. If there are other violations associated with the alert, you can click to enable them all be resolved at the same time.
    3. Click Resolve.

Resolve multiple alerts

On the Alerts page, you can choose to resolve some or all alerts in the Unresolved list simultaneously.

  1. At the left-end of the alert rows, select the check box beside all the alerts you want to resolve. Or, check the box in the heading row to select all alerts.

    1. At the top of the list, click Resolve selected.
    2. In the following dialog, enter any notes related to the alert or investigation that may be required.
    3. Click Resolve.