
Critical Alerts

This screen displays all critical alerts generated by the devices.

The filter box lets you search for specific alerts. The Actions button on each alert lets you tag the alert as resolved. Resolved alerts are shown in a different view, accessible via the Resolved tab.

Alert Fields

  • Event Type: Type of alert. There are 3 main types of alerts:
    • Device alerts generated by EIV in the device for critical events that happened in the device, such as a security attack.
    • Alerts generated by ADS security analytics, such as brute force attacks or a new CVE impacting a device firmware.
    • User-defined alerts - See Define Custom Alerts.
  • Received: Timestamp when the alert was received
  • Device Id: The identifier of the device that generated the alert
  • Profile Name: The profile of the device
  • Firmware Version: The firmware version of the device
  • Profile State: The state of the device profile (see Device Profiles screen)
  • Status: The status of the alert:
    • Alert - a logical alert was detected and reported.
    • Prevented - an alert generated by EIV indicating that EIV detected and prevented an attack in the device.
  • Actions: Action to mark an alert as Resolved.

The alert list allows page-by-page navigation using the <, <<, > and >> icons and vertical navigation on the page using the right-side scrollbar.

Tagging Alerts as Resolved

An alert can be marked as resolved after it has been reviewed. The Critical Alert view can display alerts according to whether or not they are resolved, using the predefined Open vs Resolved filter at the top of the alert list.

Tag a specific alert as resolved

Use the Resolve button to resolve an alert. Once resolved, the alert moves to the Resolved alert list.

Tag all alerts as resolved