Views:

Check detailed information about a Workbench insight and the list of alerts included in the insight.

Workbench Insights Alerts displays the list of alerts associated with an insight and other details about the insight.
The following table outlines the available actions for Alerts.
Action
Description
Change the alert status
Select one or more alerts and click Change Status to update the progress of alerts or investigations.
Note
Note
If you select Closed - false positive, you need to specify why you think this alert was false.
Link alerts to an insight
After performing an alert investigation, select one or more alerts and click Associate with Insight to associate the selected alerts with the specified insight.
Note
Note
  • If an alert is manually linked to an insight or unlinked from an insight, Trend Vision One does not correlate the alert if a new alert is received.
  • An alert can only be associated with one insight.
Remove alerts from an insight
After performing an alert investigation, select one or more alerts and click Remove from Insight.
Note
Note
If an alert is manually linked to an insight or unlinked from an insight, Trend Vision One does not correlate the alert if a new alert is received.
Execute Automated Response Playbooks
Select one or more alerts and click Execute Playbook to execute Automated Response playbooks for the specified alerts.
Important
Important
To initiate automated response for the selected alerts, configure Automated Response Playbooks first.