a |
Selected time frame |
Shows the time frame the file activity occurred in. Change the time frame in the upper-right corner of the screen.
|
b |
View profile |
Opens the User Profile for the employee. |
c |
Actions |
Click the Actions menu and do one of the following:
- Select Add to watchlists to add the user to one or more watchlists for closer monitoring. If the user is already on a watchlist, select Edit watchlists to change the user's current watchlist memberships.
- In Alerts, select Send email to email the user requesting more information about their activity. Customize the message as needed before you send it.
- Select Send user an Instructor lesson to send a lesson to the user.
- Select a custom action.
- Incydr Flows connect other systems or workflows to Code42. These integrations can add contextual information about users and orchestrate response controls.
- Custom actions are only available if your organization has worked with Code42 Professional Services to set up Incydr Flows and if you have the correct role.
Visibility of actions
You are only shown actions that you are allowed to access based on your Incydr role and your organization's product plan. For example:
|
d |
User |
Displays a summary of the employee's information, including:
- Name
- Department*
- Title*
- Watchlists the employee has been added to
*Displays this information if your Code42 environment uses provisioning. For more information, see Provision user attributes to Code42.
|
e |
Cases |
Shows the number of cases with the Open status for which the user has been added as the subject of the case. Click to see the user's cases. |
f |
Alerts |
Shows the number of alerts the user has triggered during the selected time frame that are in the Open, In progress, or Pending response status. Click to see the user's alerts. |
g |
Notes |
Do one of the following:
- Click Add
to add more details to the user's profile.
- Click Edit
to modify existing notes.
Notes are limited to 1000 characters.
|
h |
Risk indicator events |
Displays counts of each file event severity with associated risk indicators.
For more information about risk indicators, see Risk settings reference.
|
i |
Investigate in Forensic Search  |
Click to see more details about the file events in Forensic Search. Learn more about using Forensic Search. |
j |
Filter |
Click to show filters that allow you to see events based on risk indicator or watchlist. To remove a selected filter, click it again. |
k |
By risk score |
Click to show file events by risk score in descending order. |
l |
By date observed |
Click to show file events by the date the event occurred with latest events on top. |
m |
View details  |
Click to view details about the file event. For detailed descriptions of each field, see File event metadata. |
n |
Filename/Details |
Shows filename, risk indicators, risk score, and other details pertaining to the file event.
If the filename is shown as a blue hyperlink, you can download the file from this location. If the filename is not a blue hyperlink, you may be able to download the file in Forensic Search.
To view all file events with more detail, click Investigate in Forensic Search .
|