Kaspersky Anti Targeted Attack (KATA) Platform

Filtering and searching alerts by technology name

8 November 2023

ID 247609

You can filter alerts and search the alerts table for specific alerts based on the Technologies criterion, which indicates the names of program modules or components that generated the alert.

To filter alerts by technology name:

  1. Select the Alerts section in the window of the application web interface.

    This opens the table of alerts.

  2. Click the Technologies link to open the filter configuration window.
  3. In the drop-down list, select one of the following alert filtering operators:
    • Contain if you want the application to display alerts generated by an application module or component that you specify.
    • Not contain if you want the application to hide alerts generated by an application module or component that you specify.
    • Equal to if you want the application to display alerts generated by an application module or component that you specify.
    • Not equal to if you want the application to hide alerts generated by an application module or component that you specify.
  4. In the drop-down list to the right of the alert filtering operator that you have selected, select the name of the technology by which you want to filter alerts:
    • (YARA) YARA.
    • (SB) Sandbox.
    • (URL) URL Reputation.
    • (IDS) Intrusion Detection System.
    • (AM) Anti-Malware Engine.
    • (TAA) Targeted Attack Analyzer.
    • (IOC) IOC.

    For example, if you want the application to display alerts generated by the Sandbox component, select the Contain filtering operator and the name of the (SB) Sandbox component.

  5. To add a filter condition using a different criterion, click the add filter icon and specify the filter condition.
  6. Click Apply.

The table of alerts displays only alerts matching the filter criteria you have set.

See also

Filtering, sorting, and searching alerts

Filtering alerts by VIP status

Filtering and searching alerts by time

Filtering alerts by level of importance

Filtering and searching alerts by categories of objects detected

Filtering and searching alerts by obtained information

Filtering and searching alerts by source address

Filtering and searching alerts by destination address

Filtering and searching alerts by server name

Filtering and searching alerts by the status of their processing by the user

Sorting alerts in the table

Quickly creating an alert filter

Clearing an alert filter
