Add Required Information to the Alert
Add required information such as alert title, alert summary, category, campaign, alert TLP, and alert image in the Required section of the alert creation form. By default, alert title, summary, category, TLP, and recipients groups are mandatory fields in alert creation. To configure fields in the alert creation form, see Field Management Settings.
Before you Start
Configure recipient groups. Only admin and root admin roles can create and update recipient groups. For more information, see Recipient Group.
Configure categories. Only admin and root admin roles can create and update categories. For more information, see Categories.
Steps
To add required information while creating alerts, do the following:
In the alert creation form, click Required.
Enter the required information for the alert. Use the following information while adding details:
Title: Enter the alert title. Members can search for alerts based on keywords present in the alert title. An example of an alert title is, ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users.
Summary: Enter a text summary for the alert which describes what the alert is about. Members can search for alerts based on keywords present in the alert summary.
If you add IOCs in the summary, click Defang to add text to the IOCs so that it is not potentially malicious or harmful when members unintentionally click them in the shared alert. For example, IP address 192.158.1.38 becomes 192[.]158[.]1[.]38 after it is defanged. If you do not want to defang the IOC, click Fang. By default, IOCs are fanged.
Category: Select a category for the alert. The category gives information about the type of alert, for example, Vulnerability Advisories, Educational, RSS Alerts, Malware Advisories, and other categories. Admins and root admins can create and update all categories. For more information, see Categories.
Traffic Light Protocol (TLP): Select a TLP for the alert. TLP ensures that the alert information is shared with corresponding recipients. The default TLP value is based on what is configured in Configure Alerts Settings.
Note
The selection of the TLP corresponds with the TLP hierarchy of the recipient groups for the alert. For more information, see Add Recipients to the Alert.
Campaign (optional): Select an associated campaign for the alert. This field shows only active campaigns. For more information, see Create Campaigns.
Add an Alert Image (optional): Upload an image for the alert. To use the default image, select Use Default Image. This field is displayed based on the configuration in Configure Alerts Settings.
Note
The recommended dimension for images is 750*250 px in a 3:1 aspect ratio. The accepted image size is in a range greater than 3KB and less than 2 MB.
After adding the required information, click Next. The next step is to add additional information to the alert. For more information, see Add Additional Information to the Alert.