cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed

SAS Visual Investigator and Working with Alerts

Started ‎10-16-2017 by
Modified ‎12-19-2017 by
Views 5,310

SAS Visual Investigator now has a component called Scenario Administrator. Scenario Administrator provides fraud detection authoring and surveillance capabilities to the SAS Visual Investigator product. Scenario Administrator is a data-driven tool, designed to allow users to explore their data and author surveillance strategies and decision flows to generate Alerts with the SAS Visual Investigator interface.

 

The illustration below from the SAS Visual Investigator 10.2: Using the Scenario Administrator guide depicts the Scenario Administrator Process. In my previous article, the steps that are performed within the Scenario Administrator user interface (steps 1 – 5) were reviewed. Step 6 – Investigate, disposition, and triage generated alerts – which is performed in the SAS Visual Investigator user interface is the topic of this article.

 

 

ScenarioAdmin.png

 

 

  

  1. Investigate, Disposition, and Triage Generated Alerts

When the flow run is complete, you can perform further review and analysis of the alerts generated in SAS Visual Investigator.  

 

If the administrator has added the Alert Summary section to your homepage, then you can view a summary of the alerts by strategy and queue. Note: You will only have the summary information for queues to which you or a group to which you belong has access.

  

AlertSummary.png

 

 

 

Also, if your Homepage has the Personal Metrics section, you can view the metrics about your work with Alerts for Today, Yesterday, Last 7 days, or Last 30 days. These metrics can also be filtered for a particular Strategy that you or a group to which you are assigned has access.

  

PersonalMetrics.png

 

 

 

To view the individual alerts, select the Alerts menu in SAS Visual Investigator. The Alerts tab is filtered by their strategy assignment. You will only be able to view strategies to which you or a group to which belong has access.

  StrategyFilter.png

 

 

 

You can then open an Alert to start your investigation/triage of the alert. The alert will have alert detail information including its scorecard, network, triggers, scoring history, and alert history. 

  

Alert.png

 

 

 After reviewing the alert information, you can then select the appropriate disposition.  A disposition allows an analyst to apply specific actions such as:

  • Closing the alert
  • Suppressing the alert for a specified period of time
  • Moving the alert to a different queue
  • Linking the alert to an object.

Note:  The available dispositions will vary by queue and are setup by an administrator of the system.

 

AlertDisposition.png

 

 

 

For more information on working with Alerts, refer to the Understanding Alerts section of the SAS Visual Investigator documentation.  Note:  The SAS Visual Investigator documentation requires an access key, if you do not already have one, contact SAS Technical Support.

 

0 Likes
Version history
Last update:
‎12-19-2017 10:42 AM
Updated by:
Community Manager

hackathon24-white-horiz.png

The 2025 SAS Hackathon has begun!

It's finally time to hack! Remember to visit the SAS Hacker's Hub regularly for news and updates.

Latest Updates

SAS AI and Machine Learning Courses

The rapid growth of AI technologies is driving an AI skills gap and demand for AI talent. Ready to grow your AI literacy? SAS offers free ways to get started for beginners, business leaders, and analytics professionals of all skill levels. Your future self will thank you.

Get started

Article Labels
Article Tags