Export alert details to a file - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-10
Category
Administrator Guide
Abstract

You can review alert details offline by exporting alerts to a TSV file.

To archive, continue investigation offline, or parse alert details, you can export alerts to a tab-separated values (TSV) file:

  1. From the Alerts page, adjust the filters to identify the alerts you want to export.

  2. When you are satisfied with the results, click the download icon (download-to-file-icon.png).

    The icon is grayed out when there are no results.

    Cortex XSIAM exports the filtered result set to the TSV file.