Home
CMC
User Guide
Information and resources about the main features of the Central Management Console (CMC), and the tasks that you can do from the user interface (UI).
Alerts
Alerts
The Alerts page shows all the latest alerts in the system. It lets you view the alerts in different modes, and carry out actions on the alerts.
Expert mode
You can view alerts in expert mode to give you a detailed view of the alerts in the system. This lets you filter, sort, and analyze the information in detail.

CMC
- Introduction
  An overview of the Central Management Console (CMC).
- Installation Guide
  Information and resources on how to install the Central Management Console (CMC), and the different options and settings available.
- Administrator Guide
  Information and resources about the Administration section of the Central Management Console (CMC), and the tasks that you can do in this part of the software.
- User Guide
  Information and resources about the main features of the Central Management Console (CMC), and the tasks that you can do from the user interface (UI).
  - Sensors
  - Alerts
    - Alerts
      The Alerts page shows all the latest alerts in the system. It lets you view the alerts in different modes, and carry out actions on the alerts.
      - Standard mode
        You can view alerts in standard mode to give you an overview of the latest anomalies.
      - Expert mode
        You can view alerts in expert mode to give you a detailed view of the alerts in the system. This lets you filter, sort, and analyze the information in detail.
      - View alerts in standard mode
        You can view alerts in standard mode to give you an overview of the latest anomalies.
      - View alerts in expert mode
        You can view alerts in expert mode to give you a detailed view of the alerts in the system. This lets you filter, sort, and analyze the information in detail.
      - Closing alerts
        When you close an alert, or incident, a dialog lets you select a reason, and specify the learning process.
      - Actions menu
        The Actions menu gives you access to all the actions that you can do for the related alert.
      - Edit a playbook associated with an alert
        A playbook associated with an alert can be modified. A change you make on the playbook only affects the playbook related to that specific alert.
  - Assets
  - Queries
  - Smart Polling
  - Arc
  - Reports
  - Assertions
  - Vulnerabilities
  - Administration
  - Personal settings
  - Troubleshooting
- Maintenance Guide
  Information about the maintenance tasks of Central Management Console (CMC), to help you administer and maintain the solution in a production environment.
- Print format documentation
  A list of all the print-format documentation that is available for the Central Management Console (CMC).

Expert mode

You can view alerts in expert mode to give you a detailed view of the alerts in the system. This lets you filter, sort, and analyze the information in detail.

Expert mode shows a comprehensive table layout, with details on the alerts and incidents listed, which include:

Addresses
Labels
The roles of the involved nodes, zones, protocol, and ports used in the involved transactions, and more

Expert mode — Figure 1. Expert mode

Export

The Export icon lets you export the current list in either comma-separated value (CSV) or Microsoft Excel format.

Group by incident

The Group by incident icon lets you group alerts by incident. This will show incidents, and hide all the alerts that belong to it.

Filter

The filter icon opens a list of items that you let you filter the results.

Live

The Live toggle lets you change live view on, or off. When live mode is on, the page will refresh periodically.

Refresh

The Refresh icon lets you immediately refresh the current view.

Count by field

The ∑ Count by field dropdown lets you select a data field on which to group and count the alerts.

Column selection

The columns selection icon lets you choose which columns to show or hide.