About custom rule details
About custom rule details
March 20, 2024
ID 228437
Custom rules details contain information about a custom rule.
Custom IOA rule details
Custom IOA rule details contain the following fields:
Actions available in custom IOA rule details:
- Find events. Click the link to display the telemetry events table in the Threat hunting section. The table is filtered by the rule name.
- Go to Alerts marked by the rule. Click the link to view alerts generated by the IOA rule triggering. The list of alerts is in the Alerts section.
- Go to incidents marked by the rule. Click the link to view incidents generated by the IOA rule triggering. The list of incidents opens in the Incidents section.
- Editing details of the rule.
Exclusions from Kaspersky rules
An exclusion from Kaspersky contains the following fields:
Actions available in exclusion details:
- Find events. Click the link to display the telemetry events table in the Threat hunting section. The table is filtered by rule name.
- Go to Alerts marked by the rule. Click the link to view alerts generated by the IOA rule triggering. The list of alerts opens in the Alerts section.
- Go to incidents marked by the rule. Click the link to view incidents generated by the IOA rule triggering. The list of incidents opens in the Incidents section.
- Editing details of the rule.
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.