Skip to main content
Panther Knowledge Base

Why might I not receive alerts from my Scheduled Rule in Panther?

  1. Last updated
  2. Save as PDF

Issue

I have created a Scheduled Query and a Scheduled Rule in Panther. I am not getting any alerts in my Panther Console, even though the query is running.

Resolution

  • Check the Severity that you have selected for your rule configuration and ensure that it is not set to INFO. 
    • To detect the alerts that have been created for your INFO severity-level rule, make sure that you have selected the status Resolved in the filter drop-down menu of the Scheduled Rule Matches tab.

 

Cause

If you have chosen the INFO severity level, then the default state of the alert at the moment it gets created is Resolved. This means that it won't be visible in the Scheduled Rule Matches tab if there is a filter applied there to only show the Open or Triaged alerts.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.