A typical alert workflow looks like this:
- When a rule flags a transaction event, it generates an alert.
- Each alert is then sent to a designated alert queue.
- An agent investigates an alert in his team alert queue.
- An agent resolves the alert with a workflow button such as `CLOSE ALERT`.
Alert queues are simply a group of related alerts. Alerts in a queue can be investigated by agents in the team's queue.
Queues essentially triage alerts and help streamline the review process by agents.
Administrators can create alert queues and determine which team work on which queues.
There is a default queue for all alerts that aren’t configured to route to any other alert queue.
- The default queue cannot be deleted.
- All agents can view the default queue.
Alerts Queues in your Dashboard
To explore alerts and queues, head to the Workflows page on your dashboard and make sure you are on the Queues tab:
The Queues tab shows all alert queues in the environment. In this tab, you can select a queue, and view all open and closed alerts within it.
You can also edit queues, to do things like add teams or rules to the queue, or configure the order in which agents investigate queues.
A rule can only be associated with one (1) queue. Adding a rule to a queue will disassociate it from any other queue.