Alert Dashboards


The Alert Dashboard displays current alerts. By default, the modular input responsible for retrieving alerts from Recorded Future polls the API every five minutes, and this dashboard checks for any active alert in the last ten minutes.

By default, the sum of all configured modular inputs for alerts is shown, but specific inputs can be selected using the drop-down menu "Select an Alert config". Note that this drop-down does not reflect the currently configured inputs; it is instead based on the data available in Splunk. If no alert has been fetched for a configured input, that input will not appear in the drop-down, while a removed input will still appear if an alert from it is indexed in Splunk.

The dashboard contains three fields:

  • The number of active alerts.
  • The "Counts by Rule", which displays the alert rules that have triggered and their counts.
  • The "Detailed Alert Information", which displays the details of each alert.

Click on an alert in the "Detailed Alert Information" to open a new window showing the alert in Recorded Future's GUI.

Alert Dashboard


This content is confidential. Downloading or distributing this content is in violation of your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.


