Endpoint investigation plan enhancement #32007
…ks only on the alerts associated with the incident
…n tasks only on the alerts associated with the incident
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
…ts that are not used in any of its tasks: timeRange
…ncement' into endpoint_investigation_plan_enhancement
…estigation_plan_enhancement # Conflicts: # Packs/CommonPlaybooks/ReleaseNotes/2_5_6.md # Packs/CommonPlaybooks/pack_metadata.json
…ation playbook and updated the core playbooks that used that playbook as a sub-playbook.
…estigation playbook and updated the core playbooks that used that playbook as a sub-playbook.
…ncement' into endpoint_investigation_plan_enhancement # Conflicts: # Packs/CommonPlaybooks/ReleaseNotes/2_5_8.md # Packs/CommonPlaybooks/pack_metadata.json
…estigation_plan_enhancement
Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml
…demisto/content into endpoint_investigation_plan_enhancement
…demisto/content into endpoint_investigation_plan_enhancement
Status
Related Issues
fixes: link to the issue
Description
Updated the playbook to perform investigation only on the alerts associated with the incident.
Must have