You can view detailed incident data on each tab to further investigate and mitigate a potential security breach in your network environment.
The following table describes the tabs that provide detailed incident information.
Tab |
Description |
---|---|
Alerts |
Displays detailed information of associated alerts You can use the Status, Created, and Model drop-down lists and the search fields to filter the entries. For more information, see Alerts Tab. |
Incident Timeline |
Displays the date and time of each detection from associated alerts. You can click Incident-based Execution Profile in the upper right corner to check the root cause, lifecycle, and impact scope of an incident. For more information, see Incident-based Execution Profile. |
Impact Scope |
Displays the list of entities affected by the incident |
Highlighted Objects |
Displays the list of highlighted objects from the associated alerts. Trend Vision One analyzes highlighted objects to correlate alerts. You can select one or more highlighted objects and choose a response action to take on the objects. Note:
Gmail only supports the "Delete Message" response action. |