Manage Available Alerts

Applies To: WatchGuard Advanced Reporting Tool and Data Control

On the Available Alerts page, you can enable, disable, edit, and delete an alert.

For information on how to create an alert, see Create Alerts in the Advanced Visualization Tool. For information on how to assign sending policies to an alert, see Assign a Sending Policy to an Alert.

You cannot edit predefined alerts. For information on the default alerts that are predefined in the Advanced Visualization Tool, see Default Alerts for the WatchGuard Advanced Reporting Tool.

To enable or disable an alert, in the Advanced Visualization Tool:

  1. From the left pane, select Administration > Alerts Configuration.
  2. Select Available Alerts.

Screen shot of WatchGuard EPDR, Advanced Visualization Tool, Available Alerts

  1. To filter the list of alerts, use the All Categories and All Subcategories boxes.
  2. To further reduce the number of alerts in the list, enter keywords in the Filter box.
  3. In the list of alerts, select the toggle for each alert you want to enable or disable.

To edit an alert, in the Advanced Visualization Tool:

  1. From the left pane, select Administration > Alerts Configuration.
  2. Select Available Alerts.

Screen shot of WatchGuard EPDR, Advanced Visualization Tool, Available Alerts

  1. From the list of alerts, select the alert you want to edit.
  2. Click .
  3. Select Edit.
    The Edit Alert Definition dialog box opens.

Screen shot of WatchGuard EPDR, Advanced Visualization Tool, Edit Alert Definition

  1. In the Summary text box, type a short message to identify the alert condition.
  2. In the Description text box, type a full description of the alert condition.
  3. From the Priority drop-down list, select the priority assigned to this type of alert (Very Low, Low, Medium, High, and Very High).
  4. In the Query section, click to open the query editor, if required.
  5. Edit the query, as required.
  6. Select Additional Tools > Set Query Change in Alert.
    The Edit Alert Definition dialog box opens.
  7. Click Update

To delete an alert, in the Advanced Visualization Tool:

  1. From the left pane, select Administration > Alerts Configuration.
  2. Select Available Alerts.

Screen shot of WatchGuard EPDR, Advanced Visualization Tool, Available Alerts

  1. From the list of alerts, select the alert you want to delete.
  2. Click .

  3. Select Delete.
    A Warning dialog box opens.
  4. Click Yes.

See Also

About Real-Time Alerts in the Advanced Visualization Tool

Create Alerts in the Advanced Visualization Tool