Version: Spectra Detect 5.6.0

Notifications

Clicking the notifications icon in the header displays unread notifications, giving users a quick overview of alerts that require attention. Clicking the See all notifications link redirects users to the notifications page, where they can view all notifications.

A table on the notifications page displays all notifications, separated in columns by Type, Time, and Notification. The Type column indicates the type of notification. The Time column displays the timestamp of the notification, indicating when the event occurred. The Notification column provides a brief description of the event, such as a classification change from unknown (no threats found) to malicious.

Filtering options are available to help users quickly find relevant information. Notifications can be filtered by period, allowing users to view alerts from the last hour, day, week, month, or all time. Users can also filter by read status, distinguishing between read and unread notifications, filter by notification type, including Cloud Classification Changes and Classification Detection, or filter by classification, narrowing the results to cloud classification changes where a sample was marked as unknown (no threats found), malicious, suspicious, or goodware.

Clicking on the hash value within the alert redirects users to the Dashboard > Analytics > Detections Overview table, providing additional context and information about the sample.

The Mark All as Read button allows users to clear unread notifications by marking them as read. This can be used to quickly clear the notification list and focus on new alerts as they arrive.

Filter by Period

The filter by period option allows users to view notifications from the last hour, day, week, month, or all time. This can be used to quickly identify recent alerts and track changes in the classification status.

Filter by Read Status

The filter by read status option allows users to distinguish between read and unread notifications. This can be used to quickly identify new alerts that require attention or to review previously read notifications for additional context.

Filter by Notification Type

The filter by notification type option allows users to distinguish between Cloud Classification Changes and Classification Detection notifications.

Filter by Classification

The filter by classification option allows users to narrow results based on the classification of the sample, including samples marked as Unknown (No Threats Found), Malicious, Suspicious, or Goodware.

Notification Settings

The notification settings page allows users to configure and manage custom notification rules for tracking cloud classification changes. The page provides an overview of existing notifications, displaying their Name, Type, associated Alert type, Description, and Action. Users can navigate through the list using pagination controls and adjust the number of rows displayed per page. If no notifications are configured, the table remains empty.

A button labeled Add Notification in the upper-right corner allows users to create new notification rules.

Adding a Notification

To add a new notification, users must first specify a name and description, and select a notification type. When choosing cloud classification changes, users can define the conditions by selecting the original classification (cloud classification changes from) and the new classification (cloud classification changes to) that will be used to trigger the notifications.

Users can also choose the delivery method, including E-mail, Splunk, or Syslog, to ensure alerts are sent through the appropriate channels.

  • E-mail delivery method requires users to enter the recipients' email addresses and select the desired notification frequency.

  • Splunk delivery method requires users to enter the Splunk protocol (http or https), host, port, and token.

  • Syslog delivery method requires users to enter the Syslog server, port, protocol (UDP or TCP), tag, and priority level.
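
Before relying on Syslog delivery for alerts, it helps to confirm that a receiver accepts a line sent with the same five settings (server, port, protocol, tag, priority level). The following is an added example, not part of the product or its documentation. It assumes RFC 3164-style framing and treats the priority level as a severity under the user facility; the page does not document the format Spectra Detect emits, and the tag "spectra" and all function names are hypothetical.

```python
import socket
import threading

# Assumption: RFC 3164-style framing "<PRI>TAG: text". The page does not
# document the message format Spectra Detect actually emits.
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}

def build_message(tag, severity, text, facility=1):
    """Return one syslog line; PRI = facility * 8 + severity (facility 1 = user)."""
    if severity not in SEVERITIES:
        raise ValueError(f"unknown severity: {severity}")
    if not tag.isalnum() or len(tag) > 32:
        raise ValueError("tag must be 1-32 alphanumeric characters")
    return f"<{facility * 8 + SEVERITIES[severity]}>{tag}: {text}"

def send_test(server, port, protocol, tag, severity, text):
    """Send one test line using the same five settings as the Syslog form."""
    if protocol not in ("UDP", "TCP"):
        raise ValueError("protocol must be UDP or TCP")
    data = build_message(tag, severity, text).encode() + b"\n"
    kind = socket.SOCK_DGRAM if protocol == "UDP" else socket.SOCK_STREAM
    with socket.socket(socket.AF_INET, kind) as s:
        s.settimeout(3)
        s.connect((server, port))
        s.sendall(data)

def loopback_check(protocol, tag="spectra", severity="warning"):
    """Start a throwaway listener on 127.0.0.1, send a test line, return what arrived."""
    kind = socket.SOCK_DGRAM if protocol == "UDP" else socket.SOCK_STREAM
    received = []
    with socket.socket(socket.AF_INET, kind) as srv:
        srv.settimeout(3)
        srv.bind(("127.0.0.1", 0))          # port 0: the OS picks a free port
        port = srv.getsockname()[1]
        if protocol == "TCP":
            srv.listen(1)
        def receive():
            if protocol == "TCP":
                conn, _ = srv.accept()
                with conn:
                    received.append(conn.recv(1024))
            else:
                received.append(srv.recv(1024))
        t = threading.Thread(target=receive)
        t.start()
        send_test("127.0.0.1", port, protocol, tag, severity, "constructed test alert")
        t.join()
    return received[0].decode().strip()
```

Pointing send_test at the real collector with the values entered in the form checks the network path and the receiver's handling of the tag and priority. With UDP a successful send does not prove delivery, so confirm on the receiver that the line arrived.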

Manage Profiles

The Profile section allows users to manage their personal information and credentials. It includes fields for First Name, Last Name, and Email Address. Users can update their password by entering a new password, repeating the new password, and providing their current password for verification. These options ensure users can securely manage their account settings within the notification system.