Incident Details

You can view detailed incident data on each tab to further investigate and mitigate a potential security breach in your network environment.

The following table describes the tabs that provide detailed incident information.

Table 1.

Tab

Description

Alerts

Displays detailed information of associated alerts

You can use the Status, Created, and Model drop-down lists and the search fields to filter the entries.

For more information, see Alerts Tab.

Incident Timeline

Displays the date and time of each detection from associated alerts.

You can click Incident-based Execution Profile in the upper right corner to check the root cause, lifecycle, and impact scope of an incident.

For more information, see Incident-based Execution Profile.

Impact Scope

Displays the list of entities affected by the incident

Highlighted Objects

Displays the list of highlighted objects from the associated alerts. Trend Vision One analyzes highlighted objects to correlate alerts.

You can select one or more highlighted objects and choose a response action to take on the objects.

Note:

Gmail only supports the "Delete Message" response action.