Auto-dismiss Severity 3 alerts.

Follow

Auto-Dismiss.pngThreat Stack recommends that users retain their Severity 3 alerts for logging, compliance and threat hunting purposes and that they review them accordingly. Users can automatically dismiss Severity 3 alerts at regular time intervals.

Please note that dismissed alerts may be accessed at any time by navigating to the Alerts page and clicking on the "Dismissed Alerts" tab.

To turn on the Auto-Dismissal feature, login as the Account Owner. 

Navigate to Settings page via the left-hand menu. By default you will land on General Settings tab. Scroll to the bottom to access "Alert Settings." 

Move the slider to enable the feature, choose your time period, and click the "Update Alert Settings" button. 

 

After enabling the feature it could be up to 4 hours before the first Auto-dismiss process runs. It will then run every 4 hours afterwards. 

 

To get visibility into which alerts were dismissed automatically and when, navigate to the Audit Log page via the left menu. You will see an audit log entry for each batch dismissal performed by the system. 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.