PSC: How To Find Events/Alerts in Notification History (Chrome)
search cancel

PSC: How To Find Events/Alerts in Notification History (Chrome)

book

Article ID: 292378

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Provide steps for confirming the available details for Notification History items (NOT TRIGGERED, SCHEDULED, SENT)

Environment

  • PSC Console: All Versions
    • CB Defense
    • CB ThreatHunter
  • Google Chrome: All Supported Versions
  • Mozilla Firefox: All Supported Versions
  • Apple Safari: All Supported Versions

Resolution

  1. Go to Settings > API Keys
  2. Open DevTools (F12) and click on the Network tab
  3. Click the drop-down for the desired API Key and select 'Notifications History'
  4. Check the Name column for the 'history' item just below 'notifications'
  5. Expand 'entries' and the first numbered item '0'
  6. Information displayed will include the deviceId, eventId, incidentId (AlertID), and threatId for the Notification

Additional Information

  • 'createTime' is when the Notification was sent (epoch time), 'eventTime' is the date/time of the Event (epoch time)
  • The AlertID (formerly displayed in the Console as incidentID and still named incidentID in DevTools) can also be pulled from the Alerts or Investigate pages and searched for inside of DevTools on the Preview sub-tab or the Network tab
  • The threatID can be pulled from Notification History and used in a plain-text search on the Alerts page to find all Alerts tied to the same threatID
Powered by Wolken Software