Abstract
You can drill down from the triage collection to review the results.
The Triage collection results page provides an overview of the different types of triage collections initiated on an endpoint.
The triage results page is divided into the following tabs:
Alerts: Refer to Featured fields in Overview of the Alerts page for descriptions of the fields.
Artifacts: Display all of the artifact categories collected. Refer to Hunt Results for more information on the artifacts.
Host Timeline: Displays a list of normalized, per-host timelines that include multiple forensic artifacts in a single table.