Working with the Alerts page

NAVIGATION  Alerts

SECURITY   Datto EDR subscription with administrator or analyst-level platform access or Datto AV subscription with administrator or analyst-level platform access

IMPORTANT  Specific retention periods apply to all record types in Datto EDR and Datto AV. For more information, refer to Datto EDR and Datto AV data retention policies.

The Alerts page contains a journal of suspected threats and notable adversary behaviors detected by the Datto EDR or Datto AV analysis engine on your endpoints in the last 30 days. From this location, you can audit, acknowledge, and respond to activity that may pose a concern to your environment.

This article describes the page's layout and functions.

For more information about working with alerts, refer to Configuring email alerts, Suppressing alerts, Understanding the Alert Detail page, and Responding to alerts.

Overview

To access the Alerts page, perform the following steps:

  1. In the top navigation menu, click Alerts.

  2. The page will load. You'll see a list of the threats that Datto EDR or Datto AV has detected during audits of your endpoints, with the most recent suspected malicious content displayed first.

  1. As you navigate, you'll see the following features and fields:

Good to know

This page delivers the additional functions listed below.

  • Click any header to sort the displayed records by the column's value.

  • Click any object name to open its alert detail page.