Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Help
  3. Section IV. End user
  4. Alert configuration
  5. Add/Edit an Alert Policy
  6. Define the Scope to Monitor

Define the Scope to Monitor

Policy scope can be set to alert on a wide range of conditions or a specific granular one. This window enables you to:

  • Double-click to add an object to the scope

  • Double-click to remove an object from the scope - This removes an object that has been place in the report scope.

  • Drag and drop objects into the scope - Click the object and move it until you see a red dotted rectangle. Drop it into the pane.

  • Search for objects to add to the scope.

Once in the new screen, use the Groups tab to browse for a broad scope such as everything from a particular vendor. The benefit of a broad scope is that when new objects are added to your datacenter and they fit the scope criteria, they are picked up automatically by the Alert Policy.

Note:

Alerting is configured at the Domain level, however for multi-tenancy environments, the Cascade option in the Groups tab impacts what objects are available to monitor. Select Cascade to display objects at your Domain level and those domains that are children to your level. De-select Cascade to only display and monitor objects from your Domain.

Use the searchable tabs to refine the scope to a more granular level, such as watch a specific set of primary servers. For each object represented in the Groups tab, there is a corresponding searchable tab. The searchable tab selection is dynamic and derived from the Alert rule you select. For example, if you select Primary Server Connection, the Groups tab displays all discovered products in your datacenter. The searchable tabs enable you to find Products and Primary Servers. By using each of these components, you can construct a query to monitor exactly the scenario you require.

Attributes are also available to use as a scoping filter for most Rules. Attributes are user-defined characteristics of the objects.

See Scope Example: Data Protection: Monitor for High Job Failure Rate.

See Scope Example: Data Protection: Monitor Backup Jobs.

Using Attributes in the Scope

Attributes, either user-defined or system attributes, can be used to define the scope of your alert. Attributes are available for selection from most Rules. For example, you have set up a "location" attribute that you associated with the Primary Servers. With that set, you can generate an alert for Primary Servers in a particular location that also fit your other scope criteria. An attribute can be added as a part of the monitor query.

See About attributes .

Use Show Resolved Scope to display a list of items in your datacenter that currently meet the selected criteria. This provides validation that the scope you set is capturing what you intended.

Feedback

Was this page helpful?
Previous

Name the Policy and Define Time Intervals

Next

Scope Example: Data Protection: Monitor for High Job Failure Rate

Feedback

Was this page helpful?