Comodo Help
Find the desired product help
Xcitium SIEM

Xcitium SIEM

cWatch Network Quick Start Guide

English

Print Help Download Help
CWatch Network – Quick Start Guide > Step 7 - Manage Incidents
  • CWatch Network – Quick Start Guide
    • Step 1 - Login To CWatch Admin Console
    • Step 2 - Add Customers And Their Assets
    • Step 3 - Deploy Nxlog, Rsyslog And Network Monitoring Sensors
    • Step 4 - Add Users
    • Step 5 – Configure Event Queries
    • Step 6 - Configure Correlation Rules
    • Step 7 - Manage Incidents
    • Step 8 - Generate Reports

Step 7 - Manage Incidents 

 

  • cWatch will generate an 'Incident' when it identifies events which match a correlation rule.
  • Incidents are assigned to the user who is handling/supporting the customer.
    • An incident remains open until the user closes it.
      • Admins can manually add incidents and assign them to users if certain tasks are required on a customer network.
      • The number of open incidents is shown beside the notification icon in the title bar.


      Manage Incidents


      To manage incidents

      • Click the 'Menu' button > 'Incidents' > 'Incident Management'.
      • The 'Incident Management' screen lists recent incidents along with details such as customer network, the user to whom it is assigned and so on.
      • You can view incident details, reassign them to different users, close/re-open incidents and more.

      The 'Incident Management' screen:




      • Use the drop-down menus on the left to filter incidents. Click 'Search' to execute the query. You can combine filters to run more granular searches.
      • You can also click the notification icon on the title bar to open this screen:


         

        The example below shows all incidents from all customer networks.




        From this interface you can:

        • View the details of incidents

        • Add and assign incidents to users
        • Edit and Reassign an incident
        • Delete an incident

        See 'Manage Incidents' for more details.

        Our Products
        • Free Antivirus
        • Free Internet Security
        • Website Malware Removal
        • Free Anti-Malware
        • Anti-Spam (Free Trial)
        • Windows Antivirus
        • Antivirus for Windows 7
        • Antivirus for Windows 8
        • Antivirus for Windows 10
        • Antivirus for MAC
        • Antivirus for Linux
        • Free Endpoint Security
        • Free ModSecurity
        • Free RMM
        • Free Website Malware Scanner
        • Free Device Manager for Android
        • Free Demo
        • Network Security
        • Endpoint Protection
        • Antivirus for Android
        • Comodo Antivirus
        • Wordpress Security
        Cheap CDN
        • Bootstrap CDN
        • Semantic UI CDN
        • Jquery CDN
        • CDN Plans
        • CDN
        • Free CDN
        Enterprise
        • Patch Management Software
        • Patch Manager
        • Service Desk
        • Website Down
        • Endpoint Protection Solutions
        • Website Security Check
        • Remote Monitoring and Management
        • Website Security
        • Device Manager
        • ITSM
        • CRM
        • MSP
        • Android Device Manager
        • MDR Services
        • Ransomware Prevention
        • Managed IT Support Services
        • Free EDR
        Free SSL Certificate
        Support Partners Terms and Conditions Privacy Policy

        © Comodo Group, Inc. 2024. All rights reserved.