Alert
- Centrally displays all alert records.
- All fields in alerts are read-only by default and cannot be edited.
- Analysts do not modify alert data; they only investigate and respond based on it.
View

Supports multiple filtering and sorting functions.
Detail

Alert operation panel
Artifacts

Related Artifact records
Enrichments

Associated Enrichment records
Raw Log

The original log content of the alert, in JSON format.
Unmapped Data

Data from the original alert that has not been mapped. By default, AI does not analyze this data.