Skip to main content
Skip table of contents

Manage Alarms in NetMon

This section describes how to create continuous search-based Alarm rules.

For example, if your company prohibits employees from using Dropbox, you can create a rule by first performing a query on Application:Dropbox, and then saving that query data for the rule parameters. Once the rule is saved, any Dropbox activity on the network triggers an Alarm.

NetMon also sends any triggered alarms to the LogRhythm SIEM.

Starting with the release of NetMon 5.0.5 in April 2026, query rules must be updated to accommodate new ElasticSearch enhancements by adding the “wildcard” (asterisk) symbol to the end of the query. This allows the search to return results for variable letters using the new ElasticSearch components.

Refer to the Search column in the screenshot below for examples:

image-20260414-184357.png

In Rule1, results that begin with “http” will be returned regardless of how the rest of the string ends.

Save Alarm Rules from Queries
Enable or Disable Alarm Rules
View Alarm Query Data
Edit Alarms
Delete Alarms
Search Alarm Data
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close