Refer this video on creating suppression rules:
How to create suppression rules?
This section allows you to add suppression rules to workbooks.
- Hover on the System icon on the left navigation bar of the Home screen, from the options displayed select Signal Suppression Rules, the following screen will be displayed.
- The above page displays the list of workbooks with suppression rules.
- To add a new suppression to an existing workbook, click the plus icon on the extreme right corner of the page, the following page will be displayed.
- On the above screen from the drop-down, select the particular workbook for which you want to add new suppression rules.
- Now select the rules that you want to apply, you can add multiple rules in any combination. Select a target or suspect and then select host, user, resource etc and the value (IP Address / port number) from which alerts will be suppressed.
- Click Save.
- Once a suppression rule is created, alerts of these combinations are suppressed.
How to Create Signal Suppression Rule from signal listing page?
You can also create suppression rules for an already raised signal, follow the steps below to create a suppression rule for an existing signal
- Click the Signals icon on the left navigation bar of the Home screen, the following screen will be displayed.
- Select the particular signal for which you want to create suppression rules. Click on the ellipsis displayed on the extreme right against the signal and select Create Suppression Rule. The following screen is displayed.
- Click Save, to create a suppression rule for that particular signal. Alerts from this particular source will be suppressed.