Alerts
An alert signifies a security issue received from a 3rd party security service provider.
Creating a New Alert
note
Please note that you can assign multiple alerts to a single case or a single alert to many cases.
- Double click on the Case you want to attach the Alert(s) to, navigate to the Table Tab in the Overview Section of the selected Case, and in the top-right conner select the New Record button.
- A New Record dialogue box will open.
- Fill in all the necessary fields.
Parameter | Description |
---|---|
Name | The name assigned to the alert. |
Event | The event associated with the alert. |
Severity | The severity rank of your Case. It can be: Low, Medium, High or Critical |
Vendor | The Vendor associated with the alert. |
Alert Type | The alert category type. |
Description | A brief explanation explaining the alert. |
Processed | A checkbox to mark the alert as processed; check to mark as processed, uncheck to mark as unprocessed. |
Template Exists | Indicates whether the alert has been ingested into the system. |
Linked Cases | The Name and ID of the Case(s) you want to link to this current alert. |
Linked Observables | The Name and ID of the Observable(s) you want to link to this current alert. |
Linked Attachments | The Name and ID of the Attachment(s) you want to link to this current alert. |
Linked Tasks | The Name and ID of the Task(s) you want to link to this current alert. |
- Once completed, select the Add Record button in the bottom-right corner.