View Alerts in AutoFocus
The Alerts Log on the dashboard displays alerts that were generated within the selected dashboard date range, beginning with the most recent alerts. Alternatively, select Alerts on the navigation pane to view the complete set of alert logs.
Alert logs are available for a month from the period the log was generated.
Alert times are displayed in Pacific Time (PST/PDT).
- Find alerts.
- Select Dashboard to view the Alerts Log widget. The Alerts Log widget displays the most recent samples that matched your alert criteria.
- Select AlertsAlerts Log to view all samples that have triggered alerts. Sort the rows according to Time, Tag Type, SHA256, or Tag. Alternatively, click the column headers to sort the rows in ascending (up arrow) or descending (down arrow) order.You can also click the SHA256 link for a sample entry to add the sample to a search:
- Scan tag details.Hover over the tag on which the alert is based to view tag details, including the latest time and the total number of times that traffic was matched to the tag.
- Search on the latest sample that triggered an alert.Click the sample hash on the Alerts Log widget to add the sample to an AutoFocus search:
- Review and/or search on the conditions that triggered
an alert.Select a tag on the Alerts Log widget to view tag details. Tag details include a description of the tag and a list of the conditions defined for the tag. From the tag details, open a search based on the tag or a single condition defined for the tag:
- Add the tag to the search editor, to search for all historical and global samples matched to the tag.
- Add a single condition defined for the tag to the search editor, to search for all historical and global samples matched to that single condition.
Tag Status On the Tags page, view the status for a specific tag; optionally, select Sort by: Status to sort tags based on the status ...
New Alert Filters
New Alert Filters Select Alerts on the left-hand navigation pane to view the Alerts Log. Select the filter icon: Search for alerts based on the ...
Enable Alerts by Tag Type
Enable Alerts by Tag Type Enable alerts based on Tag Types . You can choose to generate an alert for all samples in your network ...
AutoFocus Alerts Prioritized alerts allow you to quickly distinguish targeted, advanced attacks from commodity malware so that you can triage your network resources accordingly. Set ...
First Look at the AutoFocus Portal
First Look at the AutoFocus Portal The AutoFocus dashboard presents a visual landscape of network, industry, and global threat artifacts . A threat artifact could ...
About AutoFocus The AutoFocus threat intelligence portal enables you to quickly identify threats on your network, and to contextualize such events within an industry, global, ...
Email Alerts AutoFocus can send alerts to your email account. In an email alert, the SHA256 hash displays as a hyperlink that opens the WildFire™ ...
Create a Tag
Create a Tag There are two ways to create a new AutoFocus tag: tag a sample or tag a set of search conditions. The visibility ...
Drill Down on Dashboard Widgets
Drill Down on Dashboard Widgets Use the dashboard widgets to add artifacts of interest to a search. Artifacts added to the search editor from the ...