Security Center automatically analyzes the exceptions related to an alert. You can click an alert name on the alert list to view and manage all the exceptions related to this alert, and view the results of automatic attack tracing.
- Security Center automatically associates alerts with exceptions in real time to detect potential threats.
- Exceptions related to an alert are listed in chronological order. This allows you to analyze and handle the exceptions to improve the emergency response mechanism of your system.
- You can view the exceptions related to alerts only in the Security Center Advanced and Enterprise editions. If you use the Security Center Basic or Basic Anti-Virus edition, you must upgrade Security Center to the Advanced or Enterprise edition to perform this operation.
- Log on to the Security center console.
- In the left-side navigation pane, click .
- On the Alerts page, click the name of the required alert in the Event column. The alert details page appears.
- On the alert details page, view the details and related exceptions of the alert and
handle the exceptions.
- View alert details
You can view the following details of the alert: Affected Assets, First Occurrence, Latest Occurrence, Alert Reason, and Related Exceptions.
- View affected assets
Click the name of an affected asset to view the details of the asset. The details include alerts, vulnerabilities, baseline risks, and asset fingerprints.
- View alert causes
To view the causes and handling suggestions of the alert, click Go Now to go to the Vulnerabilities or Baseline Check page. On the Vulnerabilities page, you can view and handle the vulnerabilities. On the Baseline Check page, you can view and manage baseline risks.
- View and handle related exceptions
In the Related Exceptions section, you can view the details and recommended solutions of all exceptions related to this alert. To handle the exceptions, you can perform the following operations:
- Click Processing on the right of an exception. In the dialog box that appears, select a processing
method to handle the exception.
For more information about how to select a processing method, see View and handle alert events.
- Click Note on the right of an exception to add a note for the exception.
Click the icon on the right of a note to delete the note.
- Click Processing on the right of an exception. In the dialog box that appears, select a processing method to handle the exception.
- View alert tracing results on the Diagnosis tab
Click the Diagnosis tab to view the tracing results of the alert. For more information about alert tracing, see Use the attack source tracing feature.
- View alert details