Alerts Management

About Alert Actions

In the inbox and details page of an alert, you can perform various tasks.

Claim or Release an Alert

Before You Begin

Claiming an alert allows you to take ownership of an alert, select its disposition, and create a case for the alert.

Note:

You cannot claim or release a claim for an alert that belongs to another user.
When you release an alert, you automatically lose subscription to that alert.

About This Task

Claiming an alert in the New state changes its status to Assigned. If an alert is Assigned, you cannot claim the alert until it has been released by the current owner.

Procedure

To claim an alert:
1. In the module navigation menu, select Alerts.
2. Select , and then select the alert filter set.
  The alerts inbox for the selected filter set appears.
3. Select an alert in the alerts queue.
  The selected alert appears.
4. Select Claim Alert.
The alert status changes to Assigned with you designated as the owner, and the alert moves to the My Alerts filter queue.
Note: You can select the My Alerts filter to view claimed alerts.
To release a claim:
1. Select , and then select Release Claim.
  The alert returns to the Unclaimed filter queue.

Results

Releasing an alert causes it to revert to a New status.

Assign an Alert

Before You Begin

An analyst can assign an alert that belongs to another user.

You must have Manage Alerts permissions to assign an alert to another user.

Procedure

In the module navigation menu, select Alerts.
Select , and then select the alert filter set that contains the alert that you want to assign.
A pane that contains a list of alerts appears.
Select the alert.
A section that contains the details of the alert appears.
Select , and then select Assign Alert.
The Assign Alert window appears.
Select the text box, and then in the Search box that appears, enter at least one character of the user name.
A list of user names populates with the matching characters.
From the list, select the user to whom you want to assign the alert.
Select Assign.

Results

The name of the user appears as the owner in the ALERT INFORMATION section, and the user is now subscribed to this alert. In addition, visibility for this alert is set to Limited.

Note: When you assign an alert to a user who does not have access to the alert, and does not have Manage Alerts permission, a message appears indicating that the alert was not assigned.

Assign an Alert Disposition

Before You Begin

After claiming an alert, you can assign a disposition to indicate its validity. Dispositions are retained when you release, process, or reclaim an alert.

Note: You cannot assign a disposition for an alert that belongs to another user.

About This Task

In the Alerts grid view, the default value for Disposition is None. The Disposition column is required in the grid. The Disposition column can be sorted as well.

Procedure

In the module navigation menu, select Alerts.
Select , and then select My Alerts to display the claimed alerts.
A pane that contains a list of claimed alerts appears.
Select the alert to which you want to assign a disposition.
A section that contains the details of the alert appears.

In the Disposition drop-down list box, select one of the following options:


Disposition Category	Disposition Code
Potential Issue	Potential Issue
	Potential Issue - Diagnosis
	Potential Issue - Recommended Actions
	Potential Issue - Post Outage Change
	Potential Issue - Operational
Sensor Problem	Sensor Problem (Pre-6.0 was Potential Issue - Sensor Problem)
Resolution	Resolution
	Resolution - Sensor Required
	Resolution - Catch
	Resolution - No Action Taken
	Resolution - Operational Change
	Resolution - Scheduled Maintenance
	Resolution - Unplanned Maintenance
	Resolution - Forced Outage
	Resolution - Model Maintenance Successful
	Resolution - Customer Remediation
	Resolution - Customer Resolved
	Resolution - Other
Asset Maintenance	Asset Maintenance
	Asset Maintenance - Bad Training Data
	Asset Maintenance - Load Out of Range
	Asset Maintenance - Ambient Out of Range
	Asset Maintenance - Operational Change
	Asset Maintenance - Turn Off Bad Tag
	Asset Maintenance - Threshold Adjustment
	Asset Maintenance - Other Adaptation
	Asset Maintenance - Other Configuration
	Asset Maintenance - Post Outage Change
Monitoring	Monitoring
	Monitoring - Notification to Customer
	Monitoring - Under Customer Review
	Monitoring - Response from Customer
	Monitoring - Customer Action Pending
	Monitoring - Questions for Subject Matter Expert
	Monitoring - Under Subject Matter Expert Review
	Monitoring - Response for Monitoring Analyst
	Monitoring - Request for Maintenance Engineer
	Monitoring - Question for Customer
Transient	Transient Transient - Startup Transient - Load Transient - Shutdown

Your selection results in the following workflow actions:

Selecting False, False - System, or Outage invalidates the alert.
Selecting Valid, Sensor Issue, or Reset State Date acknowledges that the alert needs further investigation, and you can begin your analysis.

Link or Unlink a Case to an Alert

Before You Begin

You can link cases to an alert as evidence. To link cases to an alert, you must either have the Edit Alert Detail permission or Alerts permission.

About This Task

You can select a case from a list related to the current asset or search all cases and filter them based on the following attributes:

Case Name
Case ID
Asset ID
Status

Linked alerts are listed in the EVIDENCE section with the most recent entry first.

Note: You cannot link cases to an alert that belongs to a different tenant.

Procedure

To link cases to an alert, perform the following steps:
1. In the module navigation menu, select Alerts.
2. Select , and then select the alerts filter set and then select the alert for which you want to link cases.
  A pane containing a list of alerts appears.
3. Select the alert.
  A section containing the details of the alert appears.
4. In the LINKED CASES section, select .
  The Select Cases To Link window appears, displaying a list of cases.
  Note:
  You can search for a case in the list by entering the case name, case ID, asset ID, and status in the corresponding boxes, and then selecting Search.
5. Select one or more cases from the list, and then select Link.
  The linked cases appear in the LINKED CASES section of the case.
To unlink a case from an alert, perform the following steps:
1. In the LINKED CASES section, for the alert that you want to unlink from a case, select Unlink.
  The case is unlinked from the alert.

Mark an Alert as Dismissed

About This Task

You can mark a claimed, Assigned alert as Dismissed to indicate that the alert no longer needs attention.

Procedure

In the module navigation menu, select Alerts.
Select , and then select My Active Alerts to access alerts claimed by you.
A pane that contains a list of alerts appears.
Select an alert claimed by you.
Select , and then select Dismiss Alert.

The alert is removed from the My Active Alerts queue.

Note:
To find the processed alert, select All Alerts Filter, and then search by Status.

Add or Delete Notes in an Alert

Before You Begin

Notes can help you in clarifying evidence during a diagnosis.

There are two note sections in the details page of an alert, INTERNAL NOTES and NOTES:

Internal Notes: The INTERNAL NOTES section appears only if you have either View Internal Notes or Manage Internal Notes permission. If you have the View Internal Notes permission, you can view and read any internal notes, but cannot add or edit the note. The Manage Internal Notes permission allows you to view internal notes and add a note. However, you can delete only your own notes. The INTERNAL NOTES section does not appear in the alerts grid, nor can be exported to a PDF.
Notes: The NOTES section is available to all users with View Alert Detail or Manage Alert permission. If you have Manage Alert Detail permissions, you can edit or delete notes. The NOTES section appears in alerts grid as a column, and can be exported to a PDF.

Procedure

To add a note:
1. In the module navigation menu, select Alerts.
2. Select , and then select the alert filter set that contains the alert for which you want to add a note.
  A pane that contains a list of alerts appears.
3. Select the alert.
  A section that contains the details of the alert appears.
4. In the NOTES section of the alert, enter text in the box.
  You can enter up to 5000 characters.
5. Select Add Note.
  The new note appears in the NOTES section.
To delete a note:
1. Select next to the note.
  The selected note is removed from the NOTES section.

Apply Filters to Alerts

About This Task

You can apply default filter sets to Alerts.

You can use filter sets to narrow queue entries into a manageable set.

Note: The filters applied to the alerts inbox or grid is persistent even if you navigate out of alerts, therefore not requiring you to select the filter attributes again until you log out of the application. This is valid for a given user session.

Procedure

In the module navigation menu, select Alerts.
Select , and then select a filter set, such as My Alerts or Unclaimed.
The filter is applied to the alerts inbox or alerts grid.

Create a Case from an Alert

To initiate and track the process used to address an issue identified in an alert, you can create a case from the corresponding details page of the alert.

Before You Begin

You must have Alerts permissions and Cases permissions to create a case from an alert.

Note:

You can create a case for an alert that belongs to the same tenant.
When you create a case from an alert and if the EVIDENCE section of the alert contains an analysis chart, the same analysis chart will be available in the EVIDENCE section of the case.

About This Task

You can create a case from an alert by providing an Asset ID at any level (enterprise, site, segment, or asset).

Procedure

In the module navigation menu, select Alerts.
Select , and then select My Alerts.
A pane that contains a list of alerts assigned to you appears.
Select the alert for which you want to create a case.
The details page of the alert appears.
Select Create Case.
The Create Case window appears.
In the Title box, enter a case name.
In the Symptoms box, enter a description, and then select Save.

Results

A case with the selected name and severity appears in the LINKED CASES section of the alert. The case then becomes available in the Cases module.

If you create multiple cases for a single alert, the Case Number in the Case Information section is incremented by one for each additional case.

Access a Case from an Alert

About This Task

When you create a case from an alert, the case is generated in the Sentinel Web Cases module, and a link to the case appears in the LINKED CASES section in the details section or page of an alert.

Procedure

In the module navigation menu, select Alerts.
Select and then select the alert filter set that contains the alert for which a case is created.
A pane that contains a list of alerts appears.
Select the alert.
The details page of the alert appears.
In the LINKED CASES section, select the linked case that you want to view.
The Limited Visibility Cases appear in the LINKED CASES section only if you have the View Limited Visibility Cases permission. Otherwise, only the General Visibility Cases are displayed in the LINKED CASES section of the alert.

Results

The case details of the selected case open in a new web browser tab.