LightBeam Documentation
Installer GuidesData SourcesPlaybooksInsightsPrivacyOpsGovernance
  • 💡What is LightBeam?
  • 🚀Getting Started
    • ⚙️Installer Guides
      • Pre-Requisites / Security Configurations
        • Firewall Requirements
        • Securing LightBeam on EKS with AWS Certificate Manager on Elastic Load Balancer
        • Configure HTTPS for LightBeam Endpoint FQDN Standalone deployment
        • Using Custom Certificates with LightBeam
        • Securing LightBeam on GKE with Google Certificate Manager and GCE Ingress
      • Core
        • LightBeam Deployment Instructions
        • LightBeam Installer
        • Web App Deployment
        • LightBeam Diagnostics
        • LightBeam Cluster Backup & Restore using Velero
      • Platform Specific
        • AWS
        • Microsoft Azure
        • Google Cloud (GKE)
        • Standalone Virtual Machine
        • Deployment on an Existing Managed Kubernetes Cluster
        • Azure Marketplace Deployment
      • Integration and Setup
        • Setting Up AWS PrivateLink for RDS-EKS Interaction
        • Twingate and LightBeam Integration Guide
        • Data Subject Request Web Application Server
        • Generate CSR for LightBeam
  • 🧠Core Features
    • 🔦Spectra AI
      • 🔗Data Sources
        • Cloud Platforms
          • AWS Auto Discovery
          • GCP Auto Discovery
        • Databases and Datalakes
          • PostgreSQL
          • Aurora (PostgreSQL)
          • Snowflake
          • MS SQL
          • MySQL
          • Aurora (MySQL)
          • BigQuery
          • AWS Redshift
          • Oracle
          • DynamoDB
          • MongoDB
          • CosmosDB (PostgreSQL)
          • CosmosDB (MongoDB)
          • CosmosDB (NoSQL)
          • Looker
          • AWS Glue
          • Databricks
          • SAP HANA
          • CSV Files as a Datasource
        • Messaging
          • Gmail
          • Slack
          • MS Teams
          • MS Outlook
        • Developer Tools
          • Zendesk
          • ServiceNow
          • Jira
          • GitHub
          • Confluence
        • File Repositories
          • NetDocuments
          • AWS S3
          • Azure Blob
          • Google Drive
          • OneDrive
          • SharePoint
          • Viva Engage
          • Dropbox
          • Box
          • SMB
        • CRM
          • Hubspot
          • Salesforce
          • Automated Data Processing (ADP)
          • Marketo
          • Iterable
          • MS Dynamics 365 Sales
          • Salesforce Marketing Cloud
      • 🔔PlayBooks
        • What is LightBeam Playbooks?
        • Policy and Alerts
          • Types of Policies
          • How to create a rule set
            • File Extension Filter
          • Configuring Retention Policies
          • Viewing Alerts
          • Sub Alerts
            • Reassigning Sub-Alerts
            • Sub-alert States
          • Levels of Actions on Alerts
          • User Roles and Permissions
            • Admin View
            • Alert Owner View
            • Onboarding New Users
              • User Management
              • Okta Integration
              • Alert Assignment Settings
              • Email Notifications
            • Planned Enhancements
          • Audit Logs
          • No Scan List
          • Permit List
          • Policy in read-only mode
      • 📊Insights
        • Entity Workflow
        • Document Classification
        • Attribute Management Overview
          • Attributes Page View
          • Attribute Sets
          • Creating Custom Attribute
          • Attributes List
        • Template Builder
        • Label Management
          • MIP Integration
          • Google Labels Integration
      • 🗃️Reporting
        • Delta Reporting
        • Executive Report
        • LightBeam Lens
      • Scanning and Redaction of Files
        • On-demand scanning
      • How-to Guides
        • Leveraging LightBeam insights for structured data sources
      • LightBeam Dashboard Outlay
      • Risk Score
    • 🏛️PrivacyOps
      • Data Subject Request (DSR)
        • What is DSR?
        • Accessing the DSR Module
        • DSR Form Builder (DPO View)
          • Creating a New DSR Form
            • Using a Predefined Template
            • Creating a Custom Form
          • Form Configuration
          • Form Preview and Publishing
          • Multi-Form Management
          • Messaging Templates
        • Form Submission & Email Verification (Data Subject View)
        • DSR Management Dashboard (DPO View)
        • Processing DSR Requests
          • Data Protection Officer (DPO) Workflow
          • Self Service Workflow (Direct Validation)
          • Data Source Owner (DSO) Workflow
        • DSR Report
      • 🚧Consent Management
        • Overview
        • Consent Logs
        • Preference Centre
        • Settings
      • 🍪Cookie Consent
        • Dashboard
        • Banners
        • Domains
        • Settings
        • CMP Deployment Guide for Google Tag Manager
        • FAQs
      • 🔏Privacy Impact Assessment (PIA)
        • PIA Templates
        • PIA Assessment Workflow
        • Collaborator View
        • Process Owner Login View (With Collaborator)
        • Filling questionnaire without collaborator
        • Submitting the assessment for DPO review
        • DPO review process
        • Marking the assessment as reviewed
        • Editing and resubmitting assessments after DPO review
        • Revoke review request
        • Edit Reviewer
        • PIA Reports
      • ⏺️Records of Processing Activity (RoPA)
        • Creating a RoPA Template
          • How to clone a template
          • How to use a template
        • How to create a process
          • Adding Process Details
          • Adding Data Elements
          • Adding Data Subjects
          • Adding Data Retention
          • Adding Safeguards
          • Adding Transfers
          • Adding a Custom Section
          • Setting a Review Schedule
          • Data Flow Diagram
        • How to add a collaborator
        • Overview Section
        • Generating a RoPA Report Using LightBeam
        • Collaborator working on a ticket
    • 🛡️Governance
      • Access
        • Dashboard
        • Users
        • Groups
        • Objects
        • Active Directory Settings
        • Access Governance at a Data Source Level
        • Policies and Alerting
        • Access Governance Statistics
        • Governance Module Dashboard
      • Privacy At Partners
  • 📊Tools & Resources
    • 🔀API Documentation
      • API to Create Reports for Structured Datasource
    • ❓Onboarding Assessments
      • Structured Datasource Onboarding Questionnaire
        • MongoDB/CosmosDB Questionnaire
        • Oracle Datasource Questionnaire
      • SMB Questionnaire
    • 🛠️Administration
      • Audit Logs
      • SMTP
        • Basic and oAuth Configuration
      • User Management
        • SAML Identity Providers
          • Okta
            • LightBeam Okta SAML Configuration Guide
          • Azure
            • Azure AD SAML Configuration for LightBeam
          • Google
            • Google IDP
        • Local User Management
          • Adding a User to the LightBeam Dashboard
          • Reset Default Admin Password
  • 📚Support & Reference
    • 📅Release Notes
      • LightBeam v2.2.0
      • Reporting Release Notes
      • Q1 2024 Key Enhancements
      • Q2 2024 Key Enhancements
      • Q3 2024 Key Enhancements
      • Q4 2024 Key Enhancements
    • 📖Glossary
Powered by GitBook
On this page
  • 1. Individual Sub Alert Actions
  • 2. Batch Sub Alert Actions
  • 3. Multiple Alert-level Actions
  • 4. Alert-level Actions
  1. Core Features
  2. Spectra AI
  3. PlayBooks
  4. Policy and Alerts

Levels of Actions on Alerts

PreviousSub-alert StatesNextUser Roles and Permissions

Last updated 1 year ago

Actions can be performed at four different levels, providing flexibility in alert management:

1. Individual Sub Alert Actions

├ i) Resolving Sub Alerts

├ ii) Reassigning Sub Alerts

├ iii) Adding Sub Alerts to No Scan List

├ iv) Adding Sub Alerts to Permit List

└v) Muting Sub Alerts 2. Batch Sub Alert Actions

3. Multiple Alert-level Actions

4. Alert-level Actions


1. Individual Sub Alert Actions

Actions are taken on individual sub alerts, allowing you to resolve, reassign, add to permit list, or perform other actions on specific objects within an alert. This level of control is particularly useful when you need to handle each impacted object differently based on its content, sensitivity, or other factors.

i) Resolving Sub Alerts

  1. Select the checkbox next to the sub alert(s) you want to act on.

  2. Select 'Resolve' from the Actions dropdown menu.

  1. In the Resolve window, add a note to provide context or document the actions taken offline.

  1. Click 'Resolve' to mark the sub alert(s) as resolved.

Impact on Table View: After resolving a sub alert, it will be removed from the 'Objects Impacted' table, as it has been marked as resolved.

Impact on Dashboard View: The alert dashboard will update to reflect the decreased number of objects impacted, entities impacted, and attributes associated with the resolved sub alert(s).

ii) Reassigning Sub Alerts

  1. Select 'Reassign' from the Actions dropdown menu.

  1. In the Reassign window, enter the email address of the user you want to reassign the sub alert(s) to.

  1. Click 'Assign' to complete the reassignment.

Impact on Table View: After reassigning a sub alert, the 'Assignee' column in the 'Objects Impacted' table will update to display the email address of the new assignee for the corresponding sub alert(s).

Impact on Dashboard View: The total number of assignees in the alert dashboard will increment to reflect the additional assignee(s) for the reassigned sub alert(s)

iii) Adding Sub Alerts to No Scan List

  1. Select 'Add to "No Scan List"' from the Actions dropdown menu.

  1. In the Add to No Scan List window, you can choose to add a note if necessary and then click on Add to no-scan list.

Impact on Table View: After adding a sub alert to the no scan list, it will be removed from the 'Objects Impacted' table, as it will no longer be scanned by the data source.

Impact on Dashboard View: The alert dashboard will update to reflect the decreased number of objects impacted, entities impacted, and attributes associated with the sub alert(s) added to the no scan list.

iv) Adding Sub Alerts to Permit List

  1. Select 'Add to Permit List' from the Actions dropdown menu.

  1. In the Add to Permit List window, you can choose to add a note to provide additional information.

  1. Click 'Add to Permit List' to complete the action.

Impact on Table View: After adding a sub alert to the permit list, it will be removed from the 'Objects Impacted' table, as it has been exempted from the policy rules.

Impact on Dashboard View: The alert dashboard will update to reflect the decreased number of objects impacted, entities impacted, and attributes associated with the sub alert(s) added to the permit list.

v) Muting Sub Alerts

  1. Select 'Mute Alert' from the Actions dropdown menu.

  1. In the Mute Alert window, set the mute duration by selecting the number of days, weeks, or months from the dropdown menu.

  2. Add a note to provide additional information.

  1. Click 'Mute Alert' to temporarily suppress the sub alert(s) for the specified duration.

Impact on Table View: After muting a sub alert, it will be removed from the 'Objects Impacted' table for the specified mute duration and added to the 'Permit List' table within Playbooks.

Impact on Dashboard View: The alert dashboard will update to reflect the decreased number of objects impacted, entities impacted, and attributes associated with the muted sub alert(s) for the duration of the mute period.


2. Batch Sub Alert Actions

Alerts 2.0 allows users to perform batch actions on sub alerts, streamlining alert management. You can select all sub alerts on a page at a time by checking the boxes next to each relevant row in the 'Objects Impacted' table. This feature enables you to efficiently apply the same action to multiple sub alerts simultaneously, saving time and effort.


3. Multiple Alert-level Actions

The multiple alert level allows you to perform actions on sub alerts across multiple alerts simultaneously. This means that you can select different alerts from a single list-view and perform an action on them at once.

To perform a multiple alert-level action, follow these steps:

  1. Navigate to the Alerts page, which displays a list view of all the alerts.

  2. Select the checkboxes next to the alerts you want to perform the action on. You can select alerts from different policies or rule sets.

  3. Once you have selected the desired alerts, click on the action button (Reassign, Resolve, or Mute).


4. Alert-level Actions

Actions at this level affect all sub alerts within a single alert. When you perform an action at the alert level, it is applied to every object impacted by the alert. This is useful when you want to apply the same action to all sub alerts within an alert, such as reassigning the entire alert to a different user or adding all impacted objects to the permit list.

Users can further perform actions on the alerts by ticking the checkbox for the alert under Alert name.

To perform an alert-level action, follow these steps:

  1. On the alert details page, locate the action buttons in the top-left corner of the screen.

Click on the desired action button (Reassign, Resolve, or click on the arrow to Mute) to apply the action to all sub alerts within the alert.

🧠
🔦
🔔
🔽
Figure 36: Resolve Sub Alerts
Figure 36.1: Resolve Sub Alerts
Figure 36.2 Resolve Sub Alerts
Figure 36.3 Resolve Sub Alerts
Figure 36.4 Resolve Sub Alerts
Figure 37: Reassign Sub Alerts
Figure 37.1: Reassign Sub Alerts
Figure 37.2: Reassign Sub Alerts
Figure 37.3: Reassign Sub Alerts
Figure 38: Add Sub Alerts to No Scan List
Figure 38.1: Add Sub Alerts to No Scan List
Figure 38.2: Add Sub Alerts to No Scan List
Figure 38.3: Add Sub Alerts to No Scan List
Figure 38.4: Add Sub Alerts to No Scan List
Figure 39: Add Sub Alerts to Permit List
Figure 39.1: Add Sub Alerts to Permit List
Figure 39.2: Add Sub Alerts to Permit List
Figure 39.3: Add Sub Alerts to Permit List
Figure 39.4: Add Sub Alerts to Permit List
Figure 40: Mute Sub Alerts
Figure 40.1: Mute Sub Alerts
Figure 40.2: Mute Sub Alerts
Figure 40.3: Mute Sub Alerts
Figure 40.4: Mute Sub Alerts
Figure 41. Batch Actions on Sub Alerts
Figure 42. Multi-alert-level Actions
Figure 43. Alert-level Action on Sub Alerts