Comodo Help
Find the desired product help
Xcitium SIEM

Xcitium SIEM

cWatch Network Admin Guide

English

Print Help Download Help
Incidents > Category Action Management
  • Introduction To Comodo CWatch Network
    • Purchase A License
    • Log-in To The Admin Console
  • The Main Interface
  • The Dashboard
  • Customer Asset Management
    • Add Customers
    • Add Assets For Monitoring
      • Hard Assets
      • Soft Assets
    • Configure Nxlog And Rsyslog To Send Logs To CWatch Network Server
    • Edit Customers
  • Query Management
    • Configure Event Queries
    • Long Term Analysis
    • Configure Custom Dashboards
    • Event Field Selection Settings
  • Manage Rules
    • Manage Correlation Rules
    • Manage Tagged Rules
    • Manage Aggregation Rules
  • Incidents
    • Manage Incidents
    • Incident Category Management
    • Category Action Management
  • Lists
    • Manage Live Lists
    • Manage Live List Content
    • Manage Range List Content
    • Manage IP Range List Content
    • Manage Multiple Column List Content
  • Manage Reports
  • Administration
    • Event Collection
    • Phantom Settings
    • Manage Users
    • View License And Subscription Details
  • Appendix 1 – Field Groups And Event Items Description
  • Appendix 2 – CWatch Supported Logs
  • About Comodo Security Solutions

Category Action Management

 

  • Click the 'Menu' button > 'Incidents' > 'Incident Management'.
  • The category action area lets you manage the actions performed on a class of incidents.
  • You can also open this area from by selecting a category in the 'Incident Category Management' screen
  • You can manually create and remove actions for incidents
  • To open the interface:
     
  • Click the 'Menu' button > 'Incidents' > 'Incident Management'.




The 'Incident Category Action List' screen will open:




  • You can filter the action list by selecting 'Type' and 'Status' of the incident
  • The left hand side panel of the interface displays a list of filters to specify a particular group of incidents
  • Specify values from the 'Type', 'Status' and 'Category' drop-down, and then click 'Search'

Custom Dashboards Interface - Table of controls

Category

The incident type. For example, 'Malware activity' or 'Unusual network Traffic'.

Status

Shows whether the incident is 'Open', 'In-Progress', 'False Positive' or 'Closed'.

Type

Whether the event was automatically or manually generated. Automatic events are called 'Correlated'. Manual events are called 'Default'.

Description

Specifies the current status of action in a line.

Confirmation

Confirmation required to perform the action.


Add a Category Action

  • Click 'Add' at the bottom-right of the interface:




 

The 'Add Category Action' dialog will open. Users can now follow up and close their category of incidents with the actions assigned to them

  • Select the category name to which you want to add an action
  • Choose the status of your incident category from the 'Status' drop-down list
  • Select the type of action you want to take from the 'Type' drop down
  • Enter the email address of the user in the 'Email Address' field
  • Select 'Send to Assignee' option if you want to send emails to the user assigned in the category management interface
  • Click 'Save' to add the action to the list

Delete an Incident Action List

  • Select the incident that you want to deleted and click the 'Delete' button on the bottom right



A confirmation dialog will be displayed before you want to delete the incident.



Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.