Using the Alert Logic® console you can close all incidents of a certain status. For example, if you want to close all currently Open Incidents you can do this by filtering for Open incidents and then selecting them all for closure.
Note: Network IDS, Log Management, and Web Application IDS customers deployed after August 7, 2018, and Alert Logic® Cloud Insight™ customers with Amazon GuardDuty enabled, have access to a new incident notification feature in the new Alert Logic Incident Console, and thus their process for closing all incidents is different than that of current customers. If you are a customer that falls under this description, please see the instructions under the New Incident Console Experience section below. If you do not full under the description, see the Existing Incident Experience section.
- In the Alert Logic console, click Incidents in the main menu.
- Click the Search button to show the Incidents list.
- Under Search Filters, in the Filter Type list, select Status. Then in the Condition list, select in.
- In the Status list, select the status you want to search for (e.g. Open, Administratively Closed, etc.).
- Click Apply Filters.
- At the bottom of the Incidents list, click Select All.
- Right-click anywhere over the Incidents list and select Close Selected Incidents. Your incidents are now closed, and their status is now Administratively Closed.
- In the Alert Logic console, click Incidents in the main menu, and then click List.
- In the left-hand side filter bar, select the status type that you wish to bulk close.
- Scroll down to the bottom of the page to ensure that all incidents have loaded onto the page.
- Check the box to the left of the Organize by Date drop-down menu.
- In the blue box that appears at the bottom of the page, click the check mark icon ().
- Select the appropriate Threat Assessment and click Close.