The pre-configured rules in the Queries Library are created to provide you with a solution that’s intuitive and easy to implement. You can avail the easy-to-use, predefined set of queries under Configuration > Library > Queries to create alert rules or correlation rules. The correlation rules can be used to group similar events of interest and then to receive notification for the same.
All you must do is import the queries from the library and use them as they are. If required, you can also customize them to suit your organizational requirements. The tailor-made approach drastically reduces the volume of data that needs to be monitored and the complexity around it. It unifies monitoring capabilities, alerts, and event management efforts and enables you to optimize performance with dedicated focus on events that need attention and an immediate action.
Use Quick Actions menu to view what the query does, create alert and correlation rules. To create a query, choose a query and from Quick Actions menu, select Create Alert Rule or Create Correlation rule. You will be navigated to the appropriate rule wizard.