Review alerts - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Documentation

Product
Cortex XDR
Creation date
2024-03-06
Last date published
2024-10-01
Category
Administrator Guide
Abstract

The alerts table displays all the collections within the investigation that has identified suspicious or malicious activity within the forensics data sets.

The alerts table displays all the collections within the investigation that has identified suspicious or malicious activity within the forensics data sets.

Refer to Featured fields in Overview of the Alerts page for the descriptions of the table fields.

The following actions are available for a selected alert.

  • Change status

  • Change severity

  • Investigate causality chain

  • Run playbook

  • Manage alerts