You can configure alert rules for various criteria (i.e., financial loss or risk score changes at organization, category, factor group, or factor levels) that trigger an email or webhook notification to the recipients.

To configure an alert rule:

1. Go to Alerts > Rules.
2. Click Add Alert Rule.

3. Choose an existing rule template or start configuring from the beginning by clicking Create New.

   See image.

   

   Close

   The Add Alert Rule wizard appears.

4. In the Add Alert Rule wizard, complete the following steps:

   • a. Define Criteria & Throttling

     If you've selected a rule template, the service skips to the Configure Delivery Method section. However, you can click Back to edit the predefined values in the Define Criteria & Throttling section. In this section:

     • Criteria: Set the criteria for the alert rule to be triggered:
       1. Select All or Any from the drop-down menu.
       2. Select the item for which you want to trigger the alert from Org, Category, Factor Group, or Factor.
       3. Based on your selection, the next drop-down menus are auto-populated. Select the required options.
       4. Select the operator for the criteria, i.e., equal to (=), greater than (>), less than (<), greater than or equal to (≥), less than or equal to (≤), increases by, or decreases by.
       5. Enter the value for the operator.

       6. Click Add to add another criterion to the rule.

          For example, see the following GIF to understand how to set the criteria for an alert to be triggered when the risk score for the Data Loss category exceeds 55.

          See image.

          

          Close

     • Expression Preview: You can view a logical preview for the criteria set in the preceding fields. This field is uneditable.
     • Minimum Alert Throttling Criteria: Enter the number of days the criteria must persist before triggering the alert notification.
     • Click Next.

     See image.

     

     Close

     Close
   • b. Configure Delivery Method

     In the Configure Delivery Method section:

     • Rule Name: Enter a name to identify the rule.
     • Severity: Select the severity of the rule from Critical, High, Medium, or Low.
     • Status: Select Enabled or Disabled for the rule.
     • Delivery Method: Select the alert delivery methods from Email and Webhook.
     • Webhooks: Select from the existing configured webhooks or configure a new webhook by clicking Configure Webhooks to receive alerts via webhooks. To learn more, see Configuring Webhooks.
     • Email Recipient: Enter the email address to which you want the alerts to be sent. To learn more about the information sent, see Understanding the Alert Email.
     • Custom Message: Enter a custom message that is displayed within the alert notification when this alert is triggered. This message is applicable for both email and webhooks.
     • Click Add.

     See image.

     

     Close

     Close

   The alert rule is successfully created.