Alerts Overview
TABLE OF CONTENTS
Alerts Overview
In Aqua alerts are notifications of certain activities (A scan is run or an event is received) in the users' account. The alerts service then sends these notifications to the Integrations that are configured (an Integration must be created before an alert can be configured). There are two types of Alerts: Scan Alerts and Event Alerts.
Scan Alerts
Scan alerts are notifications that get sent after a scan is completed. These alerts can be configured to only send notifications when a certain plugin enters a fail or warning state and will contain the plugin, resource, and severity.
Scan alerts can also be configured to send notifications whenever a scheduled scan is run. These alerts will contain the number of passing, failing, and warning results as well as any new failing plugins. Check for instructions on how to create a new scan alert.
Event Alerts
Event alerts are notifications that get sent after an event is received and processed by the Aqua CSPM Event Service. These alerts can be configured to only send notifications when specific actions are received by the event service. These alerts will contain the action that was flagged, the invoking user, the IP Address of the invoking user, a description of why the action was flagged, and the raw data of the event that Aqua received. Check for instructions on how to create a new event alert.
Did you find it helpful? Yes No
Send feedback