Manage Alerts

For your convenience, Netwrix provides you with a set of predefined alerts that are commonly used for IT infrastructure monitoring. The out-of-the-box alerts include those that help you detect suspicious activity and inform you on critical changes to your environment. The alerts contain pre-configured filters and in most cases you only need to enable an alert and select who will receive notifications.

To... Do...

Enable / disable an existing alert

  1. Select an alert from the list and enable it using the slider in the Mode column.
  2. Double-click the selected alert and specify alert recipients or set a risk score want to include an alert in Behavior Anomalies assessment. You can go on with a score suggested by Netwrix industry experts or fine-tune it to fit your organization's priorities. Refer to Risk Score for detailed instructions on how to configure scoring settings.

  3. Review and update filters. For some alerts you should provide filter values, such as group name or user.

Modify an existing alert

  • Select an alert from the list and click Edit.

Create a new alert from existing

  • Select an alert from the list and click Duplicate at the bottom of the window.

Remove an alert

  • Select an alert from the list and click in the right pane.

Find an alert

  • Use the Filter by tags option to find an alert by tags associated with this alert.


  • Use a search bar in the upper part of All Alerts window to find an alert by its name or tag.