Alerts
Alerts is the live response workspace. It shows what fired, what still needs attention, and how quickly the team is responding.
Core actions:
- Review new alerts in reverse chronological order.
- Acknowledge issues that are being investigated.
- Resolve alerts with a clear resolution note.
- Open the linked session or rule from any alert row.
Tip: Use Alerts for active response. Use Analytics and application workspaces when you want trend reporting or deeper diagnosis.
Alerts
The Alerts workspace is built for active response. It keeps new alerts, ownership, and response metrics in one flow so teams can move from detection to resolution quickly.
All four roles can view the Alerts workspace. Write access differs: Administrators configure notification channels. Governance Engineers configure governance thresholds and acknowledge alerts. Compliance Officers acknowledge alerts and manage their notification subscriptions. Auditors have read-only access — they can view alert history for evidence but cannot acknowledge or configure anything.
Administrator: You configure alert delivery channels (Slack, webhook, and email targets) under Settings → Integrations → Notification Channels. You can also set governance alert thresholds for any application and acknowledge any open alert.
Governance Engineer: You can acknowledge alerts and configure governance-specific thresholds: policy score floors, drift triggers, and annotation coverage minimums. Generic notification channel setup (Slack webhooks, email routing) belongs to Administrators.
Compliance Officer: You can acknowledge alerts and toggle your own governance alert notification subscriptions. You cannot configure thresholds or channels; those belong to Administrators and Governance Engineers. The mean time to acknowledge and mean time to resolve metrics appear in your compliance evidence exports.
Auditor: You have read-only access to alert history within your engagement scope. Use it to verify that governance alerts were acknowledged and resolved within the required SLA window. You cannot acknowledge or configure alerts.
Key signals
- Severity and age of each alert.
- Mean time to acknowledge.
- Mean time to resolve.
- Direct links back to the rule or session that triggered the alert.
Common workflow
- Filter to the current time window and application scope.
- Review open alerts first.
- Acknowledge alerts that are actively being investigated.
- Open the linked rule, session, or application workspace when deeper context is needed.
- Close the alert with a clear resolution note.