Fortinet Document Library

Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

Assign events for alert triage 7.0.1

SOC administrators now have the option to assign events to a SOC analyst for alert triage and has more visibility on who is working on what.

To assign events for alert triage:
  1. Go to FortiSoC > Event Monitor.
    Before this enhancement, there is no visibility for analysts to tell if an alert is being worked on and by whom until an incident is raised.

    After this enhancement, a new Assigned To function has been added which allows users to right-click an alert and assign it.
  2. After clicking Assign To a dialog window appears allowing the user to choose to assign the alert to themselves or other users.
  3. Four additional columns have been added to Event Monitor for better alert tracking and avoiding duplicate work including Acknowledged, Acknowledged By, Comment, and Comment By.

Assign events for alert triage 7.0.1

SOC administrators now have the option to assign events to a SOC analyst for alert triage and has more visibility on who is working on what.

To assign events for alert triage:
  1. Go to FortiSoC > Event Monitor.
    Before this enhancement, there is no visibility for analysts to tell if an alert is being worked on and by whom until an incident is raised.

    After this enhancement, a new Assigned To function has been added which allows users to right-click an alert and assign it.
  2. After clicking Assign To a dialog window appears allowing the user to choose to assign the alert to themselves or other users.
  3. Four additional columns have been added to Event Monitor for better alert tracking and avoiding duplicate work including Acknowledged, Acknowledged By, Comment, and Comment By.