View the alerts that generate notifications for new and ongoing security concerns.
When Trend Vision One triggers an alert, the
alert generates a notification. The Alerts tab allows you to configure
notification settings and manage recipient lists using email, webhook, and the Trend Vision One mobile app.
The following table describes the alerts available on Trend Vision One.
|
Type
|
Related app
|
Description
|
|
Response task
|
Response Management
|
Sends a single email of the latest notifications when the status of a response task
changes to a specified state
For more information, see Response Management.
|
|
Watchlist match
|
Search
|
Sends a notification after matching data on a saved query watchlist
For more information, see Saved queries.
|
|
New Workbench alert
|
Workbench
|
Sends a notification after creating a new alert
For more information, see All Alerts.
|
|
Unusual product status
|
|
Sends a single email of the latest notifications when the status of connected products
or
sensors change to Unhealthy, Disconnected, or Inactive
The Audit Logs app creates notifications based on information from the Service Gateway
Management, Network Inventory, Product Connector, and Zero Trust Secure Access apps.
For more information, see System logs.
|
|
New high-risk users/devices
|
Attack Surface Discovery
|
Sends a notification after detecting new users or devices classified as high-risk
within
the past 4 hours
For more information, see Attack Surface Discovery.
|
|
Risk control rule match
|
Zero Trust Secure Access
|
Sends a single email of the latest notifications after detecting a secure access rule
match
For more information, see Secure access rules.
|
|
Private Access Connector status
|
Zero Trust Secure Access
|
Sends a single email of the latest notifications when the status of Private Access
Connectors changes to Unhealthy or Disconnected
For more information, see Private Access Connector
configuration.
|
|
Internet Access On-Premises Gateway status
|
Zero Trust Secure Access
|
Send alerts when the status of Internet Access On-Premises Gateway changes to "Unhealthy",
or when the on-premises gateway that serves as the authentication proxy for single
sign-on
is disconnected from your on-premises Active Directory server
For more information, see Internet Access gateways and corporate
network locations.
|
|
Internet Access control rule detection
|
Zero Trust Secure Access
|
Sends a notification when any of the specified security detections occur based on
an Internet Access control rule
For more information, see Creating an internet access rule.
|
|
Service Gateway critical service status or performance
|
Service Gateway Management
|
Sends alerts when a critical change in the performance or service status of a Service
Gateway appliance occurs
For more information, see Service Gateway appliance
configuration.
|
|
New risk event
|
Operations Dashboard
|
Sends alerts when any watchlisted risk events at the High or Medium risk level occur
For more information, see Operations Dashboard.
|
|
Case update summary
|
Case Management
|
Sends a notification containing a summary of specified case updates based on the selected
frequency
For more information, see Configuring notifications for case update
summary.
|
|
Case update for owners
|
Case Management
|
Sends a notification every time a case update happens
For more information, see Configuring notifications for case update for
owners.
|
|
Newly discovered assets
|
Attack Surface Discovery
|
Sends alerts when any watchlisted assets are discovered in your environment |