Views:

Trigger Workbench alerts based on user-defined event filters.

Important
Important
You can create a maximum of 50 custom models.
The Custom Models tab of Detection Model Management lists your organization's custom detection models.
The following table outlines the actions available on the Custom Models tab.
Action
Description
Add a custom model
Click Add to create a custom model.
Filter custom models
Use the Search field and drop-down lists to locate specific detection models.
  • Severity: The user-defined severity level of the detection model
  • Status: The status of the detection model
  • Last updated: The period of time when the detection model was last updated
  • Search: Provides partial matching for the model ID, name, or filters
Enable or disable a model
Turn the toggle on or off to enable or disable the detection model
Edit a custom model
Click the edit icon (edit_icon=GUID-1F1D1164-5310-4D6D-ACD0-6049C86960AF.png) for the model.
Important
Important
Changes to the name or description of a custom model are not reflected in Workbench alerts previously triggered by the model.
Delete custom models
Select the checkboxes for the models you want to delete and click Delete
Deleting a custom model does not delete the custom filter used by the model.
Related information