The toolbar at the top of the results view has several features that will help you manage and view the data.
The filter option allows you define attributes to show in the result view. For instance, you can make a filter that shows alerts that are active, have more than 10 hits, and have sandfly names that start with "file_", as shown below.
Fields can be exactly or partially matched depending on what you want to see.
Presets are defined result views to get to Alerts, Pass and Error events immediately. You can select these presets without needing to build a manual filter and are a convenience feature. Select the option you want and only those results will be shown.
The column option allows you to show or hide columns from view depending on what is important to you.
You can export the high-level rows of events into CSV format with the Export button. Select the alerts you want to export and a CSV file will be created with the available columns.
Raw JSON data for each alert can be accessed by clicking on an individual alert, then selecting the Raw Data tab. From there the JSON alert data can be copied in its entirety via the Copy button or select and copy any desired portion of the text.
IMPORTANT: We Hate False Alarms
We have taken great pains to make Sandfly as false-alarm free as possible. If you are experiencing a true false-alarm situation with Sandfly, please contact us with the details so we can look into what it is. We may be able to correct the situation for you so in the future you will not be bothered with it any more.
Updated about 1 month ago