What are custom alerts based on?
What are custom alerts based on?
Custom alerts are based on predefined alert templates. This is because custom alerts often utilize pre-existing templates that can be configured to meet specific needs, rather than creating entirely new event triggers from scratch.
Correct answer is C
Accesing to custom alerts you will see a list of predefined alert templates configurables in certain aspects but it is not possible to add new event triggers for new alerts, so I think the C answer is the correct.
C is correct
Correction -Correct answer is B. Custom alerts based on Custom event based triggers.
Scheduling a Custom Alert for your environment consists of three steps: choosing the template you’d like to configure, previewing the search results, then scheduling the alert. Use Custom Alerts to configure email alerts using predefined templates so you're notified about specific activity in your environment. When an alert runs and finds results, it sends an email to specified recipients instead of generating a new detection. Custom Alerts let you set up email alerts based on predefined templates that cover a wide range of topics including Real Time Response session initiation, host containment, OS security settings, and more that are not yet covered by notification workflows.
C is correct, checked in the UI