After determining that a high-risk user account maintains a lower risk score, remove the account from the Zscaler restricted user group using the Response Management app.
This task is supported by the following services:
![]() |
ImportantThe response action is available only after you have
configured
Zscaler Internet Access integration in Third-Party Integration.
|
Procedure
- In the Response Management app, find the user account and
click the options button (
) at the right of the row.
- Click Remove from Zscaler Restricted User Group.The Remove from Zscaler Restricted User Group screen appears.
- Confirm the targets of the response.
- Specify a Description for the response or event.
- Click Create.Trend Vision One creates the task and displays the current task status in Response Management.
- Monitor the task status.
- Open Response Management.
- (Optional) Locate the task using the Search field or by selecting Remove from Zscaler Restricted User Group from the Action drop-down list.
- View the task status.
-
In progress (
): Trend Vision One sent the command and is waiting for a response.
-
Successful (
): The command was successfully executed.
-
Partially successful (
): The task was unsuccessful on one or more IAM service
-
Unsuccessful (
): The task was unsuccessful on all connected IAM services
-
Pending approval (
): The task is pending approval from specified users
-
Rejected (
): The task has been rejected
-
Queued (
): The managing server queued the command because the agent was offline.
-
Manually terminated (
): The task has been manually terminated
-