Untuk melihat detail kasus identitas dan kasus kesalahan konfigurasi akses dari
halaman Temuan, lakukan langkah-langkah berikut:
Di konsol Google Cloud , pilih Temuan di navigasi.
Klik Identitas untuk menampilkan kueri yang telah difilter sebelumnya untuk temuan identitas dan akses.
Identifikasi temuan dengan nilai di kolom ID Kasus.
Lakukan salah satu tindakan berikut untuk membuka detail kasus:
Klik nilai di kolom ID Kasus.
Klik nama temuan di kolom Kategori. Di panel Detail temuan, buka bagian Informasi kasus. Klik nomor ID kasus di baris ID Kasus.
Jendela Kasus akan terbuka dan menampilkan detail tentang kasus, termasuk
informasi berikut:
Daftar peristiwa pemberitahuan yang terkait dengan kasus
Playbook yang dilampirkan ke pemberitahuan
Deskripsi temuan
Langkah berikutnya untuk perbaikan
Informasi tentang aset yang terpengaruh
Informasi tiket (jika Anda menghubungkan sistem penyediaan tiket ke Security Command Center)
Jika telah menghubungkan Security Command Center ke Jira atau ServiceNow, Anda
dapat menggunakan link ID tiket untuk membuka sistem penyediaan tiket.
Periksa tab Case Wall untuk mengetahui detail tentang aktivitas yang dilakukan pada kasus dan pemberitahuan yang disertakan.
Periksa tab Ringkasan Kasus untuk melihat ringkasan lengkap kasus.
Di halaman Kasus, Anda dapat melihat semua kasus yang dibuat untuk lingkungan Anda, bukan hanya kasus identitas dan akses. Anda dapat menavigasi semua kasus yang ada dalam daftar kasus di sisi kiri halaman. Anda juga dapat menelusuri dan memfilter daftar untuk mempermudah mengidentifikasi kasus yang perlu difokuskan.
Untuk mengetahui informasi selengkapnya tentang cara menangani kasus, lihat
Ringkasan kasus.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-09 UTC."],[],[],null,["| Enterprise [service tier](/security-command-center/docs/service-tiers) (not available if [data residency controls](docs/data-residency-support) are enabled)\n\nThis page explains how to review cases corresponding to identity and access\nfindings in Security Command Center.\n\nSecurity Command Center automatically creates cases for threat findings, toxic combinations, and findings related to toxic combinations.\n\nBefore you begin\n\nMake sure you have completed the following tasks before continuing:\n\n- Learn about [Security Command Center's CIEM capabilities](/security-command-center/docs/ciem-overview).\n- [Set up permissions for CIEM](/security-command-center/docs/ciem-enable-service#ciem-permissions).\n- [Enable the CIEM detection service for AWS](/security-command-center/docs/ciem-enable-service).\n- [Connect your ticketing system](/security-command-center/docs/integrate-ticketing-systems).\n\nView case details\n\nTo view the case details of an identity and access misconfiguration case from\nthe **Findings** page, take the following steps:\n\n1. In the Google Cloud console, select **Findings** in the navigation.\n2. Click **Identity** to display a pre-filtered query for identity and access findings.\n3. Identify a finding with a value in the **Case ID** column.\n4. Do one of the following to open the case details:\n\n - Click the value in the **Case ID** column.\n - Click the finding name in the **Category** column. In the **Finding\n details** pane, go to the **Case information** section. Click the case ID number in the **Case ID** row.\n\n The **Cases** window opens and displays details about the case, including the\n following information:\n - List of alert events associated with the case\n - Playbooks attached to the alert\n - A finding description\n - Next steps for remediation\n - Information about the impacted asset\n - Ticket information (if you connected your ticketing system to Security Command Center)\n5. If you have connected Security Command Center to Jira or ServiceNow, you\n can use the ticket ID link to navigate to your ticketing system.\n\n6. Check the **Case Wall** tab for details about the activity performed on the\n case and included alerts.\n\n7. Check the **Case Overview** tab for a full overview of the case.\n\nOn the **Cases** page, you can see all cases created for your environment,\nnot just identity and access cases. You can navigate all\nexisting cases in the cases list on the left side of the page. You can\nalso search and filter the list to make it easier to identify cases to\nfocus on.\n\nFor more information on working with cases, see\n[Cases overview](/security-command-center/docs/cases-overview).\n\nWhat's next\n\n- Learn how to [investigate identity and access findings](/security-command-center/docs/ciem-identity-access-findings).\n- Learn more about cases from the Google SecOps documentation:\n - [Cases overview tab](/chronicle/docs/soar/investigate/working-with-cases/whats-on-the-case-overview-tab)\n - [What's on the Cases page?](/chronicle/docs/soar/investigate/working-with-cases/whats-on-the-cases-screen)\n - [How to perform a manual action on a case](/chronicle/docs/soar/investigate/working-with-cases/perform-a-manual-action)\n - [How to simulate cases](/chronicle/docs/soar/investigate/working-with-cases/simulate-cases)\n - [Work with playbook blocks](/chronicle/docs/soar/respond/working-with-playbooks/working-with-playbook-blocks)"]]