View forensic analysis request details
Click on a forensic analysis request in Forensic Analysis or within the Forensic Analysis tab in an alert to view additional details.
When viewing a forensic analysis request, you can submit comments to the SOCaaS team using the Comments window. To send comments directly to the Forensic Analysis team, you must visit the Forensic Services portal. You can visit to the Forensic Services portal by clicking the link in the Forensic Service Portal field.
The following information is displayed:
Request ID | The SOCaaS forensic analysis request ID. | ||
Created On | The date the request was submitted. | ||
Last Modified | The last date the request was modified. | ||
Description |
The description of the submitted forensic analysis request. |
||
Endpoint |
The affected endpoint associated with the request. |
||
Status |
The status of the request. |
||
Detection Time |
The date that the alert associated with this forensic analysis request was initially created. |
||
Requested By |
The user that submitted the request. |
||
Alert ID |
The ID of the alert associated with this forensic analysis request. |
||
Forensic Service Request |
The ID of the forensic analysis request from the Forensic Service portal. You can click the link to view the request directly from the Forensic Service portal or communicate with the forensic service team.
|
||
Correlations |
Displays correlations for the forensic analysis request, including attachments submitted with alert. You can add additional attachments by clicking the Add button. |