Search for an alert, incident, or event using the unique ID. After entering the unique ID, the related alerts are displayed as a search result.
As examples, if you enter the event ID, the browser returns the alert created or updated from the event. If you enter an incident ID, the browser returns the alert attached to the incident.
You can search only with a single ID at a time.
Event ID is applicable only for the alerts created using the API.
- The entity created through the create alerts APIs is a raw event.
- After being ingested and going through alert processing, an event is either added to an existing alert or created as a new alert.
- Event ID is denoted in the string format and alert ID is denoted in the integer format. Example event ID:
fa3245ca-6740-4f7a-bf06-02414c51595e, Example alert ID: 92654733
To search for an entity:
- Click All Clients, select a client.
- Go to Alerts.
- Enter the ID in the Alert ID search field to fetch. Similarly, for incidents and events, from the Alert ID drop-down menu, select either Incident ID or Event ID and enter the ID.
- Click the search icon.
Matching alert details are displayed.