Environment
- PSC Console: All Versions
- CB Defense
- CB ThreatHunter
- Google Chrome: All Supported Versions
- Mozilla Firefox: All Supported Versions
- Apple Safari: All Supported Versions
Objective
Provide steps for confirming the available details for Notification History items (NOT TRIGGERED, SCHEDULED, SENT)
Resolution
- Go to Settings > API Keys
- Open DevTools (F12) and click on the Network tab
- Click the drop-down for the desired API Key and select 'Notifications History'
- Check the Name column for the 'history' item just below 'notifications'
- Expand 'entries' and the first numbered item '0'
- Information displayed will include the deviceId, eventId, incidentId (AlertID), and threatId for the Notification
Additional Notes
- 'createTime' is when the Notification was sent (epoch time), 'eventTime' is the date/time of the Event (epoch time)
- The AlertID (formerly displayed in the Console as incidentID and still named incidentID in DevTools) can also be pulled from the Alerts or Investigate pages and searched for inside of DevTools on the Preview sub-tab or the Network tab
- The threatID can be pulled from Notification History and used in a plain-text search on the Alerts page to find all Alerts tied to the same threatID
Related Content
