Portnox Cloud alerts
In this topic, you will learn what are alerts in Portnox™ Cloud, where to find them, and how to use them effectively.
To access and configure Portnox Cloud alerts, click on the Alerts option in the top menu.
A screen appears with a list of current alerts.
-
To search for a string in alert metadata, type the string in the search box in the top-left corner and click on the
🔍 icon or press the ↩
key.
You can only search for a string in alert metadata. You cannot search for the string in alert names or descriptions or any additional info.
To search for the string in specific metadata, select the relevant option below the search box: All, Account, Device Name, Device IP, Device Mac, Device Port, NAS IP, NAS MAC.
Result: The list of alerts on the right-hand side will be updated to contain only alerts that match the search string.
-
To filter the list of alerts, select the filter conditions from the menu on the left-hand side.
If there are more conditions available, you will see the link Show more. Click on this link to open the list of filter options in a separate window.
-
For example, click on the OS menu option to filter the list so that it contains only alerts relating to a specific operating system. Then, select the operating system, and click on the Apply Filters button.
-
You can also click on the Show more link to open the OS window with more selection options.
Then, select the operating system(s) and click on the Apply button to apply the filter.
-
The filter that you applied is visible above the list of alerts, below the top menu. Click on the x icon next to the filter condition name to remove a specific filter condition or click on the Reset All link to remove all filter conditions.
-
-
If an alert has an Action Required tag, there is a ○
icon to the left of the alert. Click on the ○ icon to select the alert to be
resolved.
-
Click on the ⚙ icon in the top-right corner to open a window with
additional settings.
-
To get more information about an alert or access additional functionality, click on the links under the alert
summary.
-
Click on the Additional Info link to view more information about the alert. The type of information displayed depends on the type of alert.
Some alert types include helpful links in the top-right corner, for example, in this case it’s a link to the applied policy (System Default Policy) and the device account (View Device).
-
Click on the Hide link and then activate relevant checkboxes to hide the alert type and/or account for the future.
You can unhide the alert event type or account by using the configuration options described earlier.
-
Click on the Notification link and activate the relevant checkbox to start sending notifications about this type of alert to the administrator.
You can stop sending notifications by using the configuration options described earlier.
-
-
Alerts for unrecognized devices connected to MAC authentication bypass (MAB) ports have an option to immediately add
the MAC address or the OUI to a MAC-based
account. Click on the Add MAC(s) or OUI(s) to new or existing account link to open the
ADD MAC(S) OR OUI(S) TO NEW OR EXISTING ACCOUNT window.
-
To add the MAC address of the new device to a new MAC-based account, select the Add MAC(s) from alert to a new MAB-account option. Portnox Cloud will open a new window to configure the new MAC-based account. Follow the instructions in this topic: Create a MAC-based account.
-
To add the MAC address of the new device to an existing MAC-based account, select the Add MAC(s) from alert to an existing MAB-account option. Next, click on the Select MAB-account drop-down field and select the MAC-based account to which you want to add this MAC address, and then click on the Confirm button to add the MAC address.
-
To add the OUI address of the new device to a new MAC-based account, select the Add OUI(s) from alert to a new MAB-account option. Portnox Cloud will open a new window to configure the new MAC-based account. Follow the instructions in this topic: Create a MAC-based account.
-
To add the OUI address of the new device to an existing MAC-based account, select the Add OUI(s) from alert to an existing MAB-account option. Next, click on the Select MAB-account drop-down field and select the MAC-based account to which you want to add this MAC address, and then click on the Confirm button to add the MAC address.
-
-
Alerts informing about authentication success or failure have an additional option link available: Session
details. When you click on this link, a new browser tab opens with more details about this
session.
Warning: This information is stored for 14 days only from the timestamp of the alert. After this time, the information will not be available.