Manage Alerts

Add an Alert

You can configure Tenable Security Center to send alerts for vulnerability occurrences.

For more information about the available options for alerts, see Alert Options.

To add an alert:

1. Log in to Tenable Security Center via the user interface.

2. In the left navigation, click Workflow > Alerts.

   The Alerts page appears.

3. Click Add.

   The Add Alert page appears.
   

4. In the Name box, type a name.

5. (Optional) In the Description box, type a description.

6. (Optional) Click the Schedule field to select the frequency of alerts, time, timezone, and whether to repeat sending alerts at the specified time.

7. (Optional) In the Behavior drop-down box, select the condition you want to trigger the alert.
   The default is Perform actions only on first trigger.

8. (Optional) In the Type drop-down box, select the data type for the condition.

9. In the Trigger drop-down box, select the trigger for the alerts.

10. (Optional) In the Query drop-down box, select the dataset to compare with the trigger condition.

11. (Optional) Click Add Filterand provide the details of the selected filter.

12. Click Add Actions to specify an action that occurs when the alert triggers. For more information, see Alert Actions.

13. Click Submit.
    Tenable Security Center creates the alert.

View Alert Details

You can view the summary details of an alert with the name, behavior, condition applied, status, created date, owner, and ID.

To view the details of an alert:

1. Log in to Tenable Security Center via the user interface.

2. Click Workflow > Alerts.

   The Alerts page appears.

3. In the table, right-click the row for the alert you want to view.

   The actions menu appears.

   -or-

   In the table, select the check box for the alert you want to view.

   The available actions appear at the top of the table.

4. Click View.

   The View Alert page appears. For more information about the following fields, see Alert Options.
   

   Section	Action
   Options drop-down box	To edit the alert, click Edit. For more information, see Edit an Alert. To delete the alert, click Delete. For more information, see Delete an Alert.
   General	View general information about the alert. Name — Alert name. Description — Descriptive text for the alert. Schedule — The schedule for how often the alert checks for matching conditions. Behavior — The setting for how the alert behaves once it is triggered. Last Evaluated — The date on which the alert was last evaluated. Last Triggered — The date on which the alert was last triggered. Status — The status of the alert. Created — The date on which the alert was created. Last Modified — The date on which the alert was last modified. Owner — The user who created or owns the alert. Group — The group associated with the Owner. ID — The unique identifier of the alert.
   Condition	View the conditions specified for the alert: Type — The type of the alert. For example, vulnerability, event, or ticket. Trigger — The condition that triggers the alert. For example, IP count, unique vulnerability/event count, or port count. Query — The dataset to which the trigger condition is compared. Filters — The filters added for vulnerability or event data.
   Actions	The actions performed once the alert is triggered.