7.2 Alert Creation

Matches are converted into alerts by the Alert Creator processes. The system uses the match Alert Creator job to generate one alert per match.

Running the Alert Creation Job

The Alert Creator is part of the Behavior Detection subsystem. Behavior Detection provides default job templates and job template groups for running Alert Creator.

To run the match Alert Creator, follow these steps:

  1. Verify that the dispatcher is running.
  2. Run the start_mantas.sh script as follows:

    start_mantas.sh 503

    where 503 is the job template that Behavior Detection provides to run the Alert Creator algorithm.