Alerts

Operational Alerts:

This is a menu item from which all alerts generated by restrictions can be viewed.

An alert is generated when a restriction with an alert specified is activated.

Alerts can be tracked with the following actions:

Justify Alert: Means the alert was correctly generated and the reason is explained. This is a final action, meaning no further action can be taken on this alert.

Handle Alert: Means the alert was incorrectly generated and action needs to be taken. This is a final action, meaning no further action can be taken on this alert.

Request Information: Means the person analyzing this alert does not have sufficient information and needs to request more. Only a comment is entered and the alert remains active: more information can be requested again, or the alert can be justified or handled. Actions can be repeated while in this state.

Development:

New tables:

The Action table with the following values:

Id  Name     Description
1   Handle   Handle Alert
2   Justify  Justify Alert
3   Info     Request Information

The AlertOperational table should have:

Id (autoincremental)

TransactionId - remove, already included in alert

AlertId

Id of applied restriction

ActionId (may be null)

Explanation (here the reason why the alert was triggered should be explained, and this will vary according to the restriction, e.g., 4 failed login attempts)

DateCreate

The AlertOperationalAction table should have:

Id

AlertOperationalId

ActionId

User

Comment

DateCreate

How to upload an attached file still needs to be considered.

Web:

Add a menu item for operational alerts.

On the main screen, the default view shows alerts from the last hour, with the possibility to expand the search filters. Additionally, a chart displays the alerts generated in the last month and the top 5 most used alerts. There is also the option to download a CSV of the alerts. On the left side of the screen there is a list of alerts, and on the right, the details of the selected alert.

If an alert has a null actionid, no action has been taken yet, and any of the following actions can be performed on it: Justify, Handle, or Request More Information. In any of these cases, a comment must be written and a file must be attached.

If an alert has actionid 1 or 2, no action can be taken on the alert. If it has actionid 3, all actions can be performed.

Once an alert is justified, no further actions can be taken.
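The action rules above should be enforced in the backend as well as in the web screen, so that a closed alert cannot be reopened by a direct request and every action leaves an audit row. The following is an added example, not part of the original specification: it uses Python with an in-memory sqlite3 database, and the column types, the RestrictionId column name, the open_db and apply_action function names, and the attachment being passed as a file name that is only checked for presence (attachment storage is not defined on this page) are all assumptions.

```python
import sqlite3

HANDLE, JUSTIFY, INFO = 1, 2, 3   # ids from the Action table

def open_db():
    # Assumption: column types and the RestrictionId name; the page lists field names only.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE "Action" (Id INTEGER PRIMARY KEY, Name TEXT, Description TEXT);
        INSERT INTO "Action" VALUES (1,'Handle','Handle Alert'),
            (2,'Justify','Justify Alert'), (3,'Info','Request Information');
        CREATE TABLE AlertOperational (
            Id INTEGER PRIMARY KEY AUTOINCREMENT, AlertId INTEGER, RestrictionId INTEGER,
            ActionId INTEGER REFERENCES "Action"(Id),   -- NULL = no action taken yet
            Explanation TEXT, DateCreate TEXT DEFAULT CURRENT_TIMESTAMP);
        CREATE TABLE AlertOperationalAction (
            Id INTEGER PRIMARY KEY AUTOINCREMENT,
            AlertOperationalId INTEGER REFERENCES AlertOperational(Id),
            ActionId INTEGER REFERENCES "Action"(Id), User TEXT, Comment TEXT,
            DateCreate TEXT DEFAULT CURRENT_TIMESTAMP);
    """)
    return db

def apply_action(db, alert_op_id, action_id, user, comment, attachment):
    """Record an action; reject it if the alert is closed or evidence is missing."""
    if action_id not in (HANDLE, JUSTIFY, INFO):
        raise ValueError("unknown action")
    if not comment.strip() or not attachment:
        raise ValueError("comment and attachment are required")
    with db:  # one transaction: guarded state change plus audit row
        # The WHERE clause re-checks the state inside the UPDATE, so two analysts
        # acting at the same time cannot both close (or reopen) the same alert.
        cur = db.execute(
            "UPDATE AlertOperational SET ActionId = ? "
            "WHERE Id = ? AND (ActionId IS NULL OR ActionId = ?)",
            (action_id, alert_op_id, INFO))
        if cur.rowcount != 1:
            raise PermissionError("alert not found or already justified/handled")
        db.execute(
            "INSERT INTO AlertOperationalAction "
            "(AlertOperationalId, ActionId, User, Comment) VALUES (?,?,?,?)",
            (alert_op_id, action_id, user, comment))
```

AlertOperational.ActionId holds the current state, while AlertOperationalAction keeps one row per action taken, which is what the detail panel needs to show who acted, when, and with what comment.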

The following details should be shown on the right side of the screen:

- Restriction name that generated the alert
- Transaction ID
- Type: incoming/outgoing and internal/external/debit
- Transaction date and time
- Transaction amount
- Origin CUIT and CBU
- Destination CUIT and CBU
- Treatment when justified, handled, or requested more information and attachments
- Action taken
- Date and time of action
- Person who took the action
- Action comment
- Attachment download

Alerts can be downloaded.

In parameters, the number of days alerts are stored should be configured.

Service:

A task should be added to the service that runs continuously so that if the applied restriction triggers an alert, a record is generated in the AlertOperational table.

Additionally, the explanation field should be filled in, where the text to be displayed should be entered, e.g., more than 3 failed logins.

Daily Debugging Service:

A task should be added that debugs (purges) the AlertOperational table daily, keeping online only the number of days set in the parameter.

en/modulo_5.txt · Last modified: 2024/07/04 10:10 by wikieditor