How to Close Multiple Alerts
Closing Multiple Alerts
Closing multiple alerts at once in SecOps Platform is a way to manage and resolve numerous alerts sharing the same indicators. This feature saves time by handling multiple alerts simultaneously, ensures consistent resolution of similar issues, and simplifies the workflow for analysts, allowing them to focus on more critical tasks.
Steps:
-
Click "Update"
- Click "Update" as normal alert updating.
- Click "Update" as normal alert updating.
-
Select Multiple Alerts Option:
- Choose "Close Multiple Alerts for Problem: O365 Impossible Travel (example)".
- Choose "Close Multiple Alerts for Problem: O365 Impossible Travel (example)".
-
Select Time Frame:
- Choose the time when the alerts occurred.
- Choose the time when the alerts occurred.
-
Select Reason for Closure:
- Pick the appropriate reason for closing the alerts.
- Pick the appropriate reason for closing the alerts.
-
Update Alert:
- Click "Update Alert" to close the selected alerts.