Alarms Management

USM Central provides a consolidated view of any alarms Alarms provide notification of an event or sequence of events that require attention or investigation. triggered within all of your connected deployments. The displayed alarms in USM Central are compiled from the connected deployments. An alarm consists of one or more events Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor or external devices such as a firewall., based on the following:

USM Central displays the first 10 events associated with an alarm. If you need to see more events, you can drill into the specific deployment that created the original alert. See Drill Down to a Specific Deployment for more information.

Alarms in USM Anywhere that are suppressed or have a closed status are, by default, not forwarded to USM Central. You can have them forwarded from USM Anywhere by going to Settings > My Subscription in USM Anywhere and clicking the Suppressed Alarm Synchronization toggle.

Connection to USM Central

Topics covered in this section include: