Investigating past incident snapshot generation events - Incident Snapshots Generator 3.0.0.0

Security Center Incident Snapshots Generator Plugin Guide 3.0.0.0
Product
Incident Snapshots Generator
Content type
Guides > Plugin and extension guides
Version
3.0
Release
3.0.0.0
ft:locale
en-US
Last updated
2023-03-23

The Incident Snapshots Generator Incident snapshots audit task is an investigation task in Security Desk. You can use this task to search for incident snapshot generation events performed in Security Center, and see which Security Center users triggered the incidents and when.

Before you begin

Ensure you have the required Incidents snapshots monitoring privilege.

Procedure

  1. From the Security Desk homepage, open the Incident snapshots audit task.
  2. Set up the query filters for the report. Choose from the following filters:
    NOTE: To ignore a filter, leave it blank or turn it off.
    Entities
    Select one or more entities.
    Incident IDs
    Click Add () to enter a specific incident ID.
    Events
    Select one or more incident event types.
    Time range
    Filter by time range. This filter applies to timestamps defined by the Time range type. The range can be defined for a specific period or for global time units, such as the previous week or the previous month.
  3. Click Generate report.
    Incident snapshots audit task show a generated report.