Alert Options

The following options are available when you create or edit an alert in Tenable Security Center Director.

Option

Description

General

Name

The name of the alert.

Description

A description for the alert.

Schedule

Specifies how often the alert checks for the conditions to be matched: Minutely, Hourly, Daily, Weekly, Monthly, or Never.

Select Never to create an alert that you trigger manually on demand.

Behavior

Specifies how many times Tenable Security Center performs the alert actions:

  • Perform actions only on first triggerTenable Security Center performs the alert actions only the first time the alert conditions match the trigger configuration.

  • Perform action on every triggerTenable Security Center performs the alert actions every time the alert conditions match the trigger configuration.

Condition

Type

The type of data to use for the condition: Vulnerability, Event, or Ticket.

Trigger
  • IP Count — Trigger on vulnerabilities or events whose IP address count matches the given parameters.
  • Unique Vulnerability Count — Trigger an alert when the unique vulnerability count matches the given parameters. This option appears when you select Vulnerability for the Type option.
  • Event Count — Trigger an alert when the event count matches the given parameters. This option appears when you select Event for the Type option.
  • Port Count — Trigger an alert when the events or vulnerabilities using a certain port number match the given parameters.

Query

The dataset Tenable Security Center uses to determine if trigger conditions have been met.

Filters

Apply advanced filters to the vulnerability or event data. For more information, see Filters.

Actions

Add Actions

Specifies the actions that occur when the alter triggers: Assign Ticket, Email, Generate Syslog, Launch Scan, Launch Report, or Notify Users. For more information, see Alert Actions.