Use the Task Tracking tab on the Managed Detection and Response screen to track and view the statuses of approved or rejected investigation tasks and commands.
To view the status of Managed Detection and Response task commands, use the Command Tracking screen.
For more information, see Tracking Managed Detection and Response Task Commands.
Apex Central only retains investigation task information for 90 days after submission by the Threat Investigation Center.
-
Click the right arrow icon (
)
next to a task description to view task command information.
A table appears and displays the following details:
Column
Description
Command Status
The deployment status of the task command
For more information, see Threat Investigation Center Command Statuses.
Endpoint
The name of the target endpoint
IP Address
The IP address of the target endpoint
User
The name of the user that last logged on to the target endpoint
Approved / Rejected
The local time on the Apex Central server for when the task was approved or rejected by the administrator
Approved / Rejected By
The user account name of the administrator that approved or rejected the task
Last Updated
The local time on the Apex Central server of the latest status update