Skip to main content
Skip table of contents


Alerts are notifications that inform investigators of specific activities (potentially harmful/forbidden actions) performed by users on target computers with Clients installed on them, and allow the investigators to respond to such activity quickly, without needing to perform searches.

The notifications can be received by email or in the Tray Notifications application. Monitored activity associated with alert events is also marked as alerts in the Session Viewer.

The system of alerts can be used for two purposes:

• Immediate response: This allows investigators to get information immediately about a forbidden action, and therefore respond to it quickly, and an alert can also be set to automatically block a user or kill a process.

• Delayed response: This allows investigators to get information on a batch of forbidden actions on multiple Clients, analyze them, and then respond.

Table of Contents

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.