Settings
Alert Statuses
Settings
Alert Statuses
Configure and manage custom alert statuses to track the lifecycle of alerts in your security operations.
Overview
The Alert Statuses section allows you to create and manage custom status definitions for your alerts. This feature helps you track the progression of alerts through your security operations workflow, from initial detection to final resolution.
Managing Alert Statuses
Creating a New Status
Click the “Create” button to add a new alert status:
Configure the basic status information:
- Status name
- Description
- Color indicator
- Icon selection
- Category
Configuring Status Details
Provide comprehensive configuration for your alert status:
Define detailed settings:
- Status behavior
- Automation rules
- Notification settings
- Access permissions
Status Management
View and manage your configured alert statuses:
The status list displays:
- Status name and icon
- Description
- Category
- Creation date
- Last modified
- Actions
Default Status Types
New Alerts
- New
- Unassigned
- Assigned
- In Progress
Investigation
- Under Investigation
- Needs Information
- Awaiting Response
- On Hold
Resolution
- Resolved
- Closed
- False Positive
- Duplicate
Escalation
- Escalated
- Critical
- Requires Attention
- Pending Review
Status Configuration
Visual Indicators
- Color coding
- Icon selection
- Status badges
- Priority markers
Behavior Settings
- Auto-transition rules
- Time-based triggers
- Required fields
- Status dependencies
Access Control
- Role-based access
- Team permissions
- Status restrictions
- Modification rights
Best Practices
Status Design
- Use clear, descriptive names
- Maintain consistent naming
- Choose intuitive colors
- Select appropriate icons
Workflow Integration
- Define logical progression
- Set up automation rules
- Configure notifications
- Enable tracking
Organization
- Group related statuses
- Define clear categories
- Set proper ordering
- Maintain hierarchy
Maintenance
- Review status usage
- Update as needed
- Remove unused statuses
- Document changes
Using Alert Statuses
In Alert Management
- Track alert lifecycle
- Monitor progress
- Manage workload
- Measure response time
In Reporting
- Status distribution
- Resolution metrics
- Team performance
- Response analytics
In Automation
- Status-based triggers
- Automatic updates
- Notification rules
- Workflow automation