Alerts
An alert signifies a security issue received from a 3rd party security service provider.
Creating a New Alert
note
Please note that you can assign multiple alerts to a single case or a single alert to many cases.
- Double click on the Case you want to attach the Alert(s) to, navigate to the Table Tab in the Overview Section of the selected Case, and in the top-right conner select the New Record button.
- A New Record dialogue box will open.
- Fill in all the necessary fields.
| Parameter | Description |
|---|---|
| Name | The name assigned to the alert. |
| Event | The event associated with the alert. |
| Severity | The severity rank of your Case. It can be: Low, Medium, High or Critical |
| Vendor | The Vendor associated with the alert. |
| Alert Type | The alert category type. |
| Description | A brief explanation explaining the alert. |
| Processed | A checkbox to mark the alert as processed; check to mark as processed, uncheck to mark as unprocessed. |
| Template Exists | Indicates whether the alert has been ingested into the system. |
| Linked Cases | The Name and ID of the Case(s) you want to link to this current alert. |
| Linked Observables | The Name and ID of the Observable(s) you want to link to this current alert. |
| Linked Attachments | The Name and ID of the Attachment(s) you want to link to this current alert. |
| Linked Tasks | The Name and ID of the Task(s) you want to link to this current alert. |
- Once completed, select the Add Record button in the bottom-right corner.
