MOREAL platform alerts are organized in the Alerts overview screen.
Sample of an Alerts screen
This screen contains all the alerts that the MOREAL Alerting Mechanism produces for the user from their assigned devices. Alert generation is based on automatic reasoning from the MOREAL ThreatIQ and ThreatDB engines, as well as on rules the user has created. The list contains the following items:
- A severity indicator on the left of each item that shows the severity of the alert. There are four severity levels based on the importance of each alert. From the most important to the least significant, the levels are critical, high, medium and low, represented with red, orange, yellow and green colours respectively.
- The alert title that describes the kind of alert. Clicking on an alert title navigates to the alert page.
- The alert timestamp that indicates when the alert occurred.
- The alert description that provides a detailed overview of the alert along with mitigation suggestions.
- If a ticket has been created for a specific alert, a ticket status indicator also appears to show whether the ticket has been resolved or not. Keep in mind that some tickets are automatically created by the MOREAL Platform.
- The action buttons on the right of each item that let the user acknowledge or resolve the alert.
You may select multiple alerts and apply actions (e.g. resolve) in batches.
One can filter the list by time range, status, criticality, and the reasoning engine that produced each alert. Free search is also available for convenience.