Views:
The Detection & Response > Noteworthy Events / Detection screen lists all of the Noteworthy Events that occurred during the past 60 days.
Worry-Free Services creates a Noteworthy Event when a threat detection correlates to one or more potentially suspicious objects. A Noteworthy Event contains information about the target endpoint, Analysis Chain, First Observed Object, and Noteworthy Object(s).
Tip
Tip
You can configure Remote Manager to send email notifications when Noteworthy Events occur.
For more information see, Configuring Noteworthy Event notifications.
The following table outlines the tasks available for Noteworthy Events.
Task
Description
Filter the list
You can filter events by period or customer.
Search Event ID
You can search for Noteworthy Events using the event ID.
Change the event status
Select events from the list, click Mark As, and select one of the following statuses:
  • New
  • Under investigation
  • Closed
Tip
Tip
Closed investigations are hidden by default. To show hidden investigations, disable Hide closed investigations.
Download reports
  • Click Generate Statistical Report to download an Excel file containing statistical information such as the number of Noteworthy Events and actions taken per customer.
  • Click Export Event List to download a CSV file containing a detailed list of Noteworthy Events.
Note
Note
The period of reports is the last 60 days.
View the Analysis Chain
Click the link in the Event ID column to view more details about the event and perform further investigation on Noteworthy Object.
For more information, see Analysis Chains.
Related information