The first Alerts UI feature you can use to focus your data is Filters. You can use Filters to choose the type of data you are viewing.
In the Filters panel on the left of the window, click the
The central panel of the Alerts UI displays all of the Bro data it has received.
You can continue to apply filters to the alerts displayed in the
Alerts window to further refine the alerts list.
As you select filters and facets, they are displayed in the Searches field.For example, in the following figure, we've applied the
source.typefilter with the
brofacet and then the
ip_dst_addrfilter with the IP address
- To clear filters that have been populated to the Searches field, click (delete icon) at the end of the Searches field.