The following article describes how to close all incidents of a certain status in the Alert Logic® console.
Note: If your account subscriptions provide you with the Alert Logic Incident Console and its features, as seen in the below image, the information within the below New Incident Console Experience section applies to you. All other customers will receive the Incident Console in the coming months. Contact Alert Logic Support with questions about the availability of these features.
- In the Alert Logic console, click Incidents in the main menu.
- Click the Search button to show the Incidents list.
- Under Search Filters, in the Filter Type list, select Status. Then in the Condition list, select in.
- In the Status list, select the status you want to search for (e.g. Open, Administratively Closed, etc.).
- Click Apply Filters.
- At the bottom of the Incidents list, click Select All.
- Right-click anywhere over the Incidents list and select Close Selected Incidents. Your incidents are now closed, and their status is now Administratively Closed.
- In the Alert Logic console, click Incidents in the main menu, and then click List.
- In the left-hand side filter bar, select the status type that you wish to bulk close.
- Check the bulk actions box to the left of the Organize by... drop-down menu.
- Scroll down to the bottom of the page to confirm that all incidents are checked. If there are more incidents within the status type than can fit on one page, scroll to the bottom of the list to have each incident checked. Note: There is a limit of 100 incidents per bulk group.
- Once you've confirmed that all incidents in the status type are within the bulk group, click the check mark icon ().
- Select the appropriate Threat Assessment and click Close.