To view the
Case Tables Runtime Limitations click here. Keep in mind that the xTables in Cases have the same runtime limitations as the tables in the workspace
Create a New Case
To learn more about how to automate the process of creating a new case, navigate to Blink’s Automated Case Management documentation, to learn more
1
Navigate to Cases
In your selected workspace, navigate to the sidebar and select the ‘Case’ tab.
2
Open the New Case Form
Navigate to the top-right corner and click the ‘New Case’ button.
3
Fill in all the necessary fields
Once completed, select the ‘Add Record’ button in the bottom-right corner.
Case's Table Fields
Case's Table Fields
| Parameter | Description |
|---|---|
| Name | The name of the Case. |
| Severity | The severity rank of your Case. It can be: Low, Medium, High or Critical. |
| Status | The Case’s Status |
| Case Type | The type of case. |
| Summary | A brief summary of the case. |
| Case Manager | The email address of the user who created the case. |
| Vendors | The vendor associated with the Case |
| Overview | An overview of the Case. |
| SLA | The duration of time within which a task pertaining to the case must be completed before the SLA time period is reached. |
| Tags | Tags linked to the case. |
| Collaborators | Users who collaborate on the case |
| Mitre Attack | A MITRE ATTACK method or strategy used in the attack. This helps categorize and understand the attack better. For more information about the MITRE ATTACK feature , click here |
| Linked Alerts | The Name and ID of the Alert(s) you want to link to this current case. |
| Linked Cases | The Name and ID of the Case(s) you want to link to this current case. |
| Linked Tasks | The Name and ID of the Tasks(s) you want to link to this current case. |
| Linked Observables | The Name and ID of the Observable(s) you want to link to this current case. |
| Linked Attachments | The Name and ID of the Attachment(s) you want link to this current case. |
Editing a Case’s Status
1
You can customize your case’s status by clicking on icon next top the Status field in the case table and selecting the edit option.
2
You can edit your case’s status by modifying the names, the color that represents the status and add your own active statuses.
3
Lastly, you can modify the SLA for the maximum time a case can remain in the specific status.
4
- After you have made your desired changes click the Save button.
Summary Widget
Above the case table, you will find the Summary Widgets, showing the total alerts ingested (line chart), the total number of alerts processed (line chart), the total number cases opened by severity (donut chart), the total number of closed cases (donut chart), the total number of cases categorized by type (bar chart) and whether the SLA status was met or exceeded (donut chart).
Tip: In the top right corner, click the bar chart icon. Then, check the box next to the Summary widgets you want to show, or uncheck it to hide any widgets you don’t want displayed.
Clickable Tags in the Linked Cases Columns
Clicking on the tags in the “Linked Cases” column in the selected Case Management table (such as the Cases Table, Observables Table, Alerts Table, or Attachments Table) will open its Case Overview in a new browser tab.