← Support | April 2020.
What are Assertions?
Assertions are user created rules to check for specified indicators that the user wants to be alerted on.
Typically, in order to monitor environment specific indicators, users are creating queries with the query result being an Assertion. Assertions have
true/false values, with
true (green) the assertion not triggering and no alert being raised, and
false (red) the condition not fulfilled, and alerts being raised.
Besides of manually creating Assertion, you can also import Assertions.
For the Nozomi Guardian, if an Assertion fails, the failing Assertion will trigger an alert.
In the Guardian Community Edition the Alert feature is not included. However, you will be able to see the triggered Assertions on the Assertion page. The triggered Assertions will be highlighted in red, the untriggered in green.
The Nozomi Networks Guardian Community Edition does not include the Threat Intelligence subscription, that can be included with the Guardian. To enable threat monitoring with the Guardian Community Edition, Nozomi Networks created Assertion rules specifically for the Community Edition, take some of the Threat indicator and translating these into Assertion rules. The Assertion only represent a subset of the Threat Intelligence, but already provide value to users.
For Guardian Community Edition version 19.0.4 or 20.0.0, the specific Assertion rules posted by Nozomi can be downloaded and imported.