Customizing alert severity

VIDEO  Learn how to customize alert severity.

Sometimes, it's convenient to change the Alert Severity from Critical to Medium or Low or from Medium to Low, depending on customers' needs and behavior. 

Setting the Alert Severity to Low will not send alert notifications to your PSA or email. However, it will be logged within Realtime Alerts with a severity of Low. For future reference, SaaS Alerts analysis will allow you to review the alert if need be.

Changing the severity of Critical Alert or Alert to Low (Logged Event) will prevent the event from generating a ticket (in email/PSA).

Changing the severity of an event will only affect future events. Past events will keep their original severity.

  • To customize Alert Severity, from the main SaaS Alert Window, select the Settings tab and select Customize Alerts.
    2024-06-21 15_26_41b-.png
  • Look for the alert you want to customize.  You can search for a keyword of the name of the alert you want to change. For example, search (Ctrl+F, command+F) for the word "limit" or "file" to find Alert suppressed as an example and change the alert to Critical, Medium or Low from the Custom Severity drop-down menu.
  • Your account must have Administrator privileges in SaaS Alerts to Change Alert Severity.
  • To see the whole list of alerts, scroll down to select additional rows to view.
    2024-06-21 15_36_16-SaaS Alerts! — Mozilla Firefox.png
    2024-06-21 15_39_13-.png

Restoring Alerts Severity To Default

To set the File Alert Severity or any other alert severity back to default, click Reset Item next to the alert you want to restore, or click Reset All Items at the top of the Customize Alert Severity table to set all the alerts back to default.
2024-06-21 15_56_37-.png

Due to the growing size of the alerts library, more than 280, SaaS Alerts has reviewed and determined a new schema for the default severity of these alerts. The new default, Quiet Mode, takes into consideration the noise the system can generate and has reduced this. The intent is that Unify, Fortify, and Respond can be leveraged to tighten controls and act upon possible threats.

Upon review of the changes, we encourage all partners to adopt the Quiet default. This default will not override any current customized alert severities. Navigate to Settings > Customize Alert Severity. At the top is a toggle for Onboarding Mode and Quiet Mode. Refer to Quiet mode default severity for alerts.