Alerts

Alerts are Incidents generated by third-party security systems or by custom detection workflows. They act as the foundational "logs" of the system, capturing detailed information about incidents as they occur, and serve as the initial data points for identifying and analyzing potential security events. Relevant alerts can be aggregated into cases, which provide a structured way to investigate, manage, and resolve incidents.


Creating a New Alert

Note: You can assign multiple alerts to a single case or a single alert to many cases.

  1. Double-click the Case you want to attach the Alert(s) to, navigate to the Table Tab in the Overview Section of the selected Case, and select the New Record button in the top-right corner.
  2. An Add Alert popup will open. Fill in all the necessary fields.
  3. Once completed, select the Add Alert button in the bottom-right corner to add it to the Alert Table.