Posture Control (ZPC)

Adding Alert Ignore Filters

ZPC triggers alerts for all the security violations and vulnerabilities that are detected in your cloud resources. You can set up filters to ignore specific alerts that you don't want to be notified about or don't want to take any action on. To learn more, see Ignore Filters.

  • The ignore filters are applied only to the newly triggered alerts.
  • By default, users with the admin and security operations (SecOps) roles can add ignore filters. All other ZPC users have view-only permission. You can grant the add permission to other ZPC users by adding or modifying Ignore Rules permissions in Global Modules. To learn more, see Adding a Custom Role and Editing or Deleting a Custom Role.

To add ignore filters:

  1. In the left-side navigation, select Alerts.
  2. On the Alerts page, click the Ignore Filters tab.
  3. Click + Ignore Filter.

  4. On the General Information page:
  • Type of Alerts: Select Cloud or IaC.
  • Ignore Filter Name: Enter a unique name for the filter.
  • Filter Description (Optional): Enter a description.
  • Ignore Filter End Date: Select the duration for which you want to snooze the alert. This filter is disabled after the end date and alerts are triggered for security policy violations.

  5. Click Next.
  6. On the Filter Scope page:
    • For Cloud Alerts, select at least one of the filters below:
        • All Policies: The filter applies to all policies.
        • Theme: Select the required Policy Theme from the drop-down menu (Compliance, Security Events, Security Exposure, and Blank).
        • Category: Select the required Threat Category from the drop-down menu.
        • Severity: Select the required Policy Severity from the drop-down menu.
        • Select Policies: Select to view the Select Existing Policies page, and select the required policies from the table.

          To learn more, see About Security Policies.

        • Policy Focus: Select Asset or Identity from the Policy Focus drop-down menu.

        By default, the All Policies filter is selected.

      • Select the cloud account, business unit, or provider. Depending on your selection, one of the following additional fields displays:
        • Select Accounts: Select the required cloud accounts that must be included in the filter.
        • Business Units: Select the required business units that must be included in the filter.
        • Cloud: Select the cloud provider (AWS, Azure, GCP, or Kubernetes). For Kubernetes, select the required Cluster Names and Namespaces from the drop-down menu.

        By default, the All Accounts filter is selected.

      • Select from a list of cluster names.

        By default, the All Kubernetes Clusters filter is selected.

      • Select from a list of namespaces.

        By default, the All Kubernetes Namespaces filter is selected.

        If you don't have any onboarded Kubernetes clusters, then the Cluster Names and Namespaces fields are not displayed.

      • Click the Tags drop-down menu and choose Select Tags. Click the Add Tags icon that appears to include the required tags.

        By default, the All Tags filter is selected.

        • All Assets: The filter applies to all assets.
        • Asset Type: Select the required Asset Type from the drop-down menu.
        • Asset Category: Select the required Asset Category from the drop-down menu.

        By default, the All Assets filter is selected.

      If no filters are selected within the scope, the Next button is disabled.

    • For IaC Alerts, select at least one of the filters below:
        • All Policies: The filter applies to all policies.
        • Severity: Select the required Policy Severity from the drop-down menu.
        • Select Policies: Select to view the Select Existing Policies page, and select the required policies from the table.

          To learn more, see About Security Policies.

        By default, the All Policies filter is selected.

      • Select one or more template types (Terraform, CloudFormation, Azure Resource Manager, Kubernetes, Helm Charts, Terraform Plan) from the drop-down menu.

      • Select the IaC scan plugin from the drop-down menu.

      • Select the IaC repository from the drop-down menu.

  7. Click Next.
  8. Review the summary of the ignore filter scope.

  9. Click Finish.

All the alerts matching the selected criteria are moved to ignored status.

Related Articles

  • Adding Alert Ignore Filters
  • Enabling or Disabling Alert Ignore Filters
  • Editing or Deleting Alert Ignore Filters