v4.21 Changes: Notifications are renamed to alerts
Alerts and conclusions can be used in our application to provide valuable auditing information. Alerts and conclusions are inserted via a rule based on a set condition being met, such as an answer being selected from a questionnaire, a component being inside a specific trust zone etc.
Alerts vs Conclusions. What's the difference?
Alerts are small bits of information (types: error, info, warning) that are inserted at a project level (in the alerts pane).
An alert is an extract of information to inform the user that certain actions have taken place or, more accurately, that a rule has fired under a defined condition with an action to insert the alert.
Above is an example of the alerts system. In this example, I have used a naming system to differentiate where they have come from. In your own use, feel free to populate these with information that is more meaningful to your specific scenario and rule.
Conclusions are similar to alerts in that they provide information but they can also be configured to be displayed at more levels than an alert.
Whereas an alert is always inserted at the project level (in the alerts pane), a conclusion can be fired through different modules to insert at its associated level:
- Project questionnaire
- Component Questionnaire
- Data flow
As described in the alerts example, feel free to name these something more useful. The examples above are used for illustrative purposes.
In which modules can I use an alert or conclusion?
|Module|Alert|Conclusion|
|---|---|---|
|Main|✔️|✔️ - architecture questionnaire|
|Component|✔️|✔️ - component questionnaire|
|Data flow|✔️|✔️ - inserted at destination or origin component as defined in rule|
|Threat (Component conditions)|✔️|✔️ * - please refer to below|
|Threat (Data flow conditions)|✔️|❌|
Alerts are always submitted at project level.
Conclusions can be consumed via the rules. Please refer to below.
* conclusions at this level are not visible but can be consumed by rules.
Conclusions can be consumed by different rules, which check for the presence or absence of a set conclusion.
In this scenario, conclusions can be used as background logic so that rules can make decisions based on them.
Example of 'conclusion exists' functionality.