Overview

1. Alert Analytics

2. Case Analytics

3. Task Analytics

4. Analyst Performance

Available Dashboards

1. Date Range Selection

2. Export Options

3. Visualization Types

4. Interactive Elements

Common Features

1. Regular Monitoring

2. Performance Analysis

3. Report Generation

4. Data-Driven Decisions

Best Practices

Next Sections

Comprehensive analytics and reporting features for monitoring alerts, cases, tasks, and analyst performance.

Analytics

CaseBender

Introduction

Quickstart Guide

Learn how to deploy CaseBender to various cloud platforms

Deployment Overview

Deploy CaseBender on Google Cloud Run with step-by-step instructions

Deploy to Google Cloud Run

Deploy CaseBender on Amazon Web Services (AWS)

Deploy to AWS

Deploy to Azure

Deploy to DigitalOcean

Understanding the fundamental concepts of CaseBender

Core Concepts

Returns a detailed list of all alerts, with an optional status as an input.  The return object contains the alert details, including severity, status, and custom fields. The alerts are sorted by creation date.

Get Alerts

Create Alert

Delete Alert

Update Alert

Returns a detailed alert. The return object contains the alert details, including severity, status, and custom fields

Get Alert by Id


        The alert field should be a JSON string containing the alert data with the same fields as POST /alerts.
        For adding observables, the observables field should be an array of observables with the following fields:

        If a file needs to be uploaded:
          - dataType: file
          - attachment: {name of the file}
        For all other observables type:
          - dataType: {type of the observable}
          - data: {data of the observable}

        The file field should be an array of files to be uploaded and the names of files should match what was defined in the alert data.
        ---------------------------
        Example of the alert field:
          {
              "title":"Test alert 1",
              "description":"Test description 1",
              "status": "open",
              "count": 1,
              "tinyId":"hij",
              "severity": 1,
              "customFields": {
                  "test1": "value1",
                  "test2": "value2"
              },
              "tlp": 3,
              "pap": 3,
              "type": "virus",
              "source": "virusRef",
              "sourceRef": "virusRefRef",
              "observables": [
                {"dataType": "file", "attachment": "log.txt"},
                {"dataType": "ip", "data": "8.8.8.8"},
                {"dataType": "file", "attachment": "definition.txt"}
              ]
          }
        

Getting Started

Deployment

Alert Management

Case Management

Task Management

Analytics

Audits

Settings

Analytics

Overview

Available Dashboards

1. Alert Analytics

2. Case Analytics

3. Task Analytics

4. Analyst Performance

Common Features

1. Date Range Selection

2. Export Options

3. Visualization Types

4. Interactive Elements

Best Practices

1. Regular Monitoring

2. Performance Analysis

3. Report Generation

4. Data-Driven Decisions

Next Sections

Getting Started

Deployment

Alert Management

Case Management

Task Management

Analytics

Audits

Settings

​Overview

​Available Dashboards

​1. Alert Analytics

​2. Case Analytics

​3. Task Analytics

​4. Analyst Performance

​Common Features

​1. Date Range Selection

​2. Export Options

​3. Visualization Types

​4. Interactive Elements

​Best Practices

​1. Regular Monitoring

​2. Performance Analysis

​3. Report Generation

​4. Data-Driven Decisions

​Next Sections

Overview

Available Dashboards

1. Alert Analytics

2. Case Analytics

3. Task Analytics

4. Analyst Performance

Common Features

1. Date Range Selection

2. Export Options

3. Visualization Types

4. Interactive Elements

Best Practices

1. Regular Monitoring

2. Performance Analysis

3. Report Generation

4. Data-Driven Decisions

Next Sections