Review alerts - The alerts table displays all the collections within the investigation that has identified suspicious or malicious activity within the forensics data sets. - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Documentation
Product
Cortex XDR
License
Prevent
Pro
Creation date
2024-03-06
Last date published
2025-07-10
Category
Administrator Guide
Abstract

The alerts table displays all the collections within the investigation that has identified suspicious or malicious activity within the forensics data sets.

The alerts table displays all the collections within the investigation that has identified suspicious or malicious activity within the forensics data sets.

Refer to Featured fields in Overview of the Alerts page for the descriptions of the table fields.

The following actions are available for a selected alert.

  • Change status

  • Change severity

  • Investigate causality chain

  • Run playbook

  • Manage alerts