Apply and save filters

Filters enable you to narrow your case search in the queue to precisely target the cases you want to analyze.

Each filter can be added using either AND/OR condition.
Each filter can include an Is/Is Not Condition.

The following filters are available:

  • Time Frame
  • Alert Name
  • Product
  • Playbook Status
  • Analysts (note that you can also choose to include analysts that are part of a role. So for example you can choose just Tier2 and if Alex Smith (who is part of a Tier2) has a case assigned to him - this will appear in the filtered display)
  • Environment
  • Priorities
  • Stages
  • Tags

For example, let's create a filter to display cases that are High Priority but not in the Investigation stage from the last 24 hours.

  1. Click filtericon Open Filter.
  2. Fill in the required information as follows:
    • Time Frame: Last 24 hours.
    • Priorities IS High.
      • And
    • Stages IS_NOT Investigation.
    applyandsavefilters
  3. If you want to save the filter for future use, click Save Filter and give it a name. The filter will be saved under the downward arrow in the Case Queue Header for future use. You can edit and delete filters from this saved filter list.
  4. Next, click Apply to apply the filter to the case queue.