FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduces alert fatigue, context switching, and the mean time to respond to incidents.
Andy_G
Staff
Article Id 194123
Description

Challenge 

The challenge in this use case is to display metrics for the lifecycle of an Alert in CyOPs.


Solutions

The Alert's ingestion, assignment and resolution times are calculated, and the resulting metrics are displayed on the details page of the Alert.

 

Prerequisites

Community Edition OVA


Flow

⦁ Ingest an Alert in CyOPs and assign to respective analyst

⦁ Perform required investigation on the alert (Optional)

⦁ Once required activity is finished on the Alert, update Alert status to Close

⦁ Add Closure Notes and click on Update
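
The calculation behind these metrics can be sketched outside the product. The following is an added example, not the playbook's own code: the field names (`event_time`, `created`, `assigned`, `closed`), the definition of each interval and the sample alerts are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Hypothetical field names and stage boundaries (assumptions, not FortiSOAR's schema).
STAGES = (
    ("ingestion", "event_time", "created"),   # source event -> alert record created
    ("assignment", "created", "assigned"),    # record created -> analyst assigned
    ("resolution", "assigned", "closed"),     # analyst assigned -> alert closed
)

def parse_ts(value):
    """Parse an ISO 8601 timestamp; naive values are treated as UTC."""
    if value is None:
        return None
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return ts if ts.tzinfo else ts.replace(tzinfo=timezone.utc)

def lifecycle_metrics(alert):
    """Return seconds spent in each stage, or None for a stage not yet completed."""
    metrics = {}
    for name, start_key, end_key in STAGES:
        start, end = parse_ts(alert.get(start_key)), parse_ts(alert.get(end_key))
        if start is None or end is None:
            metrics[name] = None
            continue
        delta = (end - start).total_seconds()
        if delta < 0:  # clock skew or bad data: refuse to report a negative SLA value
            raise ValueError(f"{end_key} precedes {start_key} in {alert.get('id')}")
        metrics[name] = delta
    return metrics

def format_duration(seconds):
    """Render a duration for display; unfinished stages show as 'pending'."""
    if seconds is None:
        return "pending"
    minutes, secs = divmod(int(seconds), 60)
    hours, minutes = divmod(minutes, 60)
    return f"{hours}h {minutes:02d}m {secs:02d}s"

# Constructed sample alerts: one closed (with a mixed-offset timestamp), one still open.
CLOSED_ALERT = {"id": "Alert-1", "event_time": "2024-03-01T09:58:30Z",
                "created": "2024-03-01T10:00:00Z",
                "assigned": "2024-03-01T15:42:00+05:30",
                "closed": "2024-03-01T11:42:00Z"}
OPEN_ALERT = {"id": "Alert-2", "event_time": "2024-03-01T12:00:00Z",
              "created": "2024-03-01T12:00:45Z"}

if __name__ == "__main__":
    for alert in (CLOSED_ALERT, OPEN_ALERT):
        shown = {k: format_duration(v) for k, v in lifecycle_metrics(alert).items()}
        print(alert["id"], shown)
```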


Screenshots

Metrics View: [image]


Playbook Location:

Automation -> Playbooks -> Collections -> 07 - SLA -Alerts -> Alert > Set SLA - 06 - Metrics

