Notifications and Errors
Get real-time notifications for crucial information about your Panther instance
Last updated
Get real-time notifications for crucial information about your Panther instance
Last updated
Notifications are in open beta starting with Panther version 1.96, and are available to all customers. Please share any bug reports and feature requests with your Panther support team.
In-Console notifications provide information about the performance of your Panther instance. You can configure the types of notifications you would like to receive. There are three types of notifications:
Notifications in Panther are specific to each user, meaning one user marking a certain notification as read will not affect the read/unread status of the same notification for a second user in the same Panther instance.
Even if you have used RBAC per log type to restrict a certain role from viewing alerts related to a given log type, users with that role will still be able to see notifications related to that log type.
To view a list of your notifications, click the bell icon in the upper-right corner of your Panther Console:
Real-time notifications will slide in at the bottom-right corner of your browser window:
System Errors alert you when part of your Panther platform is not functioning as expected. They are sent as in-app notifications, in addition to being sent as alerts to destinations configured to receive System Errors.
Learn more about System Errors, including the different types, on System Errors.
System Notifications are sent only as in-app notifications, unlike System Errors.
Currently, the only type of System Notification is Ingestion capacity limit. This notifies you when you are nearing your data ingestion limit for the month.
Detection Notifications are sent only as in-app notifications, unlike System Errors.
These notifications contain information about asynchronous processing of your detection content to give you more insight into background processes.
Currently, the only type of Detection Notifications are Detection Pack update successes and errors. (Detection errors, including rule and scheduled rule errors, do not generate Detection Notifications.)
To configure the types of notifications you would like to receive:
In the upper-right corner of your Panther Console, click the bell icon to open the Notifications slide-out panel.
On the right side of the tiles for each notification type, click the toggle ON or OFF.
Archive or mark notifications as read, either individually or in bulk.
To archive a single notification:
Open the Notifications slide-out panel. The Inbox tab will be shown.
To bulk archive all notifications:
Open the Notifications slide-out panel. The Inbox tab will be shown.
To mark a single notification as read:
Open the Notifications slide-out panel. The Inbox tab will be shown.
To bulk mark all notifications as read:
Open the Notifications slide-out panel. The Inbox tab will be shown.
In the upper-right corner of the Notifications panel, click the settings icon .
Hover over the notification you'd like to archive, then click the archive icon: .
Once a notification is archived, it is viewable within the Archived tab. You can unarchive a notification by clicking Unarchive.
Near the top of the panel, click Archive All.
Once notifications are archived, they are viewable within the Archived tab. You can unarchive all notifications by clicking Unarchive All.
Hover over the notification you'd like to mark as read, then click the mark-read icon: .
Once a notification is marked as read, it is still visible in the list within the Inbox tab. You can mark it as unread by hovering over it and clicking the mark-unread icon .
Near the top of the panel, click Mark all as Read.
Once notifications are marked as read, they are still visible in the list within the Inbox tab. You can mark all notifications as unread by clicking Mark all as Unread.
