Product
>
Alerts
Act

Alerts

It’s hard to remember to check on specific GreyNoise queries that you’re interested in Every.Single.Day. That’s why we created GreyNoise Alerts: a quick and easy way to set up automated queries and send you a daily report if there are results.

Use cases

Monitor your infrastructure for scanning activity

Can you let me know if any of my IP ranges have been scanning and exploiting the internet (because they might be compromised)?

Alerting on IPs seen performing specific scan-and-exploit activity

I’m interested in tracking new IPs associated with this botnet activity, and want a daily report of any new IPs .

Flexible alerting that supports GNQL

You can use our alerts to monitor a CIDR range (example: 54.24.0.0/16), or define complex alerts with GNQL syntax such as:

  • Activity related to a CVE or GreyNoise tag
  • Monitor by ASN or organization name
  • Track scans for unique web paths, JA3 fingerprints, or any IP attribute in GreyNoise

Using GreyNoise Alerts

Creating an alert is simple!  From the Alerts page , just type the query as you would in the search bar, add any emails you want to receive the report, give it a name and click “Save”. 

A screenshot of the form to create an alert in the GreyNoise visualizer.

When an alert is triggered we'll send an email summary with IPs matched to your query.

Try it now
Icon indicating link that will open in a new tab

FAQ

How can GreyNoise help my organization stay ahead of emerging threats and security trends?
How easy is it to integrate GreyNoise with our existing security tools and workflows?
How frequently is the GreyNoise database updated, and what sources does it draw from?
What kind of training or resources are available from GreyNoise to help us get started?

Documentation guides

Setting up an Alert

GreyNoise alerts are used to alert via email when an IP matching the provided alert configuration (either by CIDR or GNQL search) is observed scanning the internet.

Read more
Icon depicting right-facing arrow

GreyNoise University - Alerts

The GreyNoise University - Product Overview training series covering the alerts feature, and how you can use it to be alerted on what matters most to you.

View video
Icon depicting right-facing arrow

Featured content

Six Ways to Threat Hunt in GreyNoise

By Nick Roy

How often do you find yourself asking “is this targeting me or just opportunistically exploiting parts of the internet?” Whether this has happened to you once or happens every single day, you probably spent too much time trying to figure out the answer.

Read more
Icon depicting right-facing arrow

Work Smarter, Not Harder: How to Upgrade Your Threat Intel Program in 2023

By Nick Roy

Cyber threats are constantly evolving, and organizations need to stay on top of the latest techniques and tools to protect themselves against attacks.

Read more
Icon depicting right-facing arrow

Cut through the noise

Get a demoSearch for free
Products
Partners
Resources
Company
© 2024 GreyNoise, Inc. All rights reserved.
YouTube logoJoin us on Slack!Discord logoTikTok logo
Cookie Settings
We use cookies to ensure you get the best experience on our website. Learn more
Got it