Views:

Trigger Workbench alerts based on user-defined event filters.

Important
Important
You can create a maximum of 50 custom models.
The Custom Models tab of Detection Model Management lists your organization's custom detection models.
The following table outlines the actions available on the Custom Models tab.
Action
Description
Add a custom model
Click Add to create a custom model.
Filter custom models
Use the Search filters to locate specific detection models.
  • Severity: The user-defined severity level of the detection model
  • Status: The status of the detection model
  • Last updated: The period of time when the detection model was last updated
  • Search: Provides partial matching for the model ID, name, or filters
Enable or disable a model
Toggle to enable or disable the detection model
Edit a custom model
Click the edit icon (edit_icon=GUID-1F1D1164-5310-4D6D-ACD0-6049C86960AF.png) for the model.
Important
Important
Workbench alerts previously triggered by a custom model do not reflect changes to the model's name or description.
Delete custom models
Select the models and click Delete.
Deleting a custom model does not delete the custom filter used by the model.
Related information