Follow

Using Incident Tagging | Best Practices

In This Article

Description

The following article describes how to add tags to incidents so they are easier to locate in the Alert Logic® console. Tagging allows you to assign keywords to incidents located by Alert Logic Threat Manager™ and Alert Logic Log Manager™. When reviewing incidents, you can then search for incidents based on the keywords you assigned.

Adding Tags to Incidents

Use the following procedure to assign keywords to incidents.

  1. Navigate to the Incidents page in the Alert Logic console.
  2. In the left navigation area, under Monitoring, click Incidents, if it is not already selected. 
  3. In the displayed list of incidents, click the ID value for the incident to tag. 
    The incident details display. The first section displays a set of details about the incident, such as ID, Threat Rating, Status, and Tags. 
  4. Click Add tags in the gray box next to the Tags field. A field to add tags displays.
  5. Type tags to add to the incident and click Save Tags.

The tags are assigned to the incident and can be used when searching for incidents.

Searching for Incidents by Tags

Use the following procedure to search for incidents based on the tags you assigned.

  1. Navigate to the Incidents page in the Alert Logic console.
  2. In the left navigation area, under Monitoring, click Incidents, if it is not already selected.
  3. On the Incidents page, click Search Filters in the top right section.
  4. In the drop-down list of filtering options, click Tags.
  5. In the drop-down list of operations, select an operation for the search term for the selected filter (for example, contains).
  6. For the search term, enter the keyword (tag) to search by.
  7. Click Apply Filters to run your search query. Only those incidents that contain the entered tag are displayed in the list of incidents.
  8. (Optional) If you expect to search for the same tag regularly, you can save the filter by entering a name in the Save filters as: box and clicking Save.

Additional Information

For more information on monitoring incidents, refer to our Monitor incidents documentation.  

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.