INVESTIGATE SIGNALS
      Back to home
      1. KNOWLEDGE BASE
      2. SECURITY MONITORING
      3. INVESTIGATE SIGNALS

      Add Multiple Signals to a Case

      Signals generally coalesce within a rolling window of three hours if all the fields match, including suspects and target list.

      In case if there is a time difference of more than three hours but all the other values match you can select the checkbox to move all those signals into the case.

      To add multiple signals to a case follow the steps mentioned below.

      • Select the icon Add Multiple signals to case, a checkbox will be added next to each signal.

      image 1-Dec-07-2023-12-43-38-0357-PM

      • Select the signals that you want to add to a case.

      image 2-Dec-07-2023-12-43-48-2856-PM

      • Click Add to Case after selecting the signals, the following screen will be displayed.

      image 3-Dec-07-2023-12-43-59-9501-PM

      • Select/ unselect the checkbox Include similar signals from last 1d as per your requirement, this checkbox is selected by default.
      • You can search for a recent case and click save to add the selected signals to an existing case or click on the plus sign to create a new case.

      image 4-Dec-07-2023-12-44-11-7267-PM

      Field Description
      Name Enter a name for the new case
      Severity Select a severity level for these signals and case
      image 5-Dec-07-2023-12-44-24-8524-PM Click this icon to search for existing cases
      image 6-Dec-07-2023-12-44-43-4071-PM Click this icon to create a new case
      image 7-Dec-07-2023-12-44-59-6395-PM Click this icon save the Case

      image 8-Dec-07-2023-12-45-19-1811-PM

      Handler

      		 Assign a handler to this case