You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: unified-secops-platform/cases-overview.md
+10-1Lines changed: 10 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -102,7 +102,8 @@ Following the burrowing attack case creation example, the SOC admins configured
102
102
Add tasks to manage granular components of your cases. Each task comes with its own name, status, priority, owner, and due date. With this information, you always know who is accountable to complete which task and by what time. The task description summarizes the work to do and some space for describing the progress. Closing notes provide more context about the outcome of completed tasks.
103
103
104
104
:::image type="content" source="media/cases-overview/add-task-small.png" alt-text="Screenshot showing the task pane with tasks populated for the case and statuses available." lightbox="media/cases-overview/add-task.png":::
105
-
</br>*Image shows the following task statuses available: New, In progress, Failed, Partially completed, Skipped, Completed*
105
+
106
+
*Image shows the following task statuses available: New, In progress, Failed, Partially completed, Skipped, Completed*
106
107
107
108
### Link incidents
108
109
@@ -124,6 +125,14 @@ Need to write down notes, or that key detection logic to pass along? Create rich
124
125
125
126
Audit events are automatically added to the activity log of the case and the latest events are shown at the top. Change the filter if you need to focus on comments or audit history.
126
127
128
+
### Attachments
129
+
130
+
Share reports, emails, screenshots, log files, and more, all centralized in the **Attachments** tab of a case. Ensure you have all the necessary information to make quick and accurate decisions in your security investigations.
131
+
132
+
:::image type="content" source="media/cases-overview/case-attachments.png" alt-text="Screenshot of the details of the Attachments tab of a case.":::
133
+
134
+
To add attachments to your case, go to the **Case details** page, click the **Attachments** tab, select **Upload**, select your file, and wait for the upload to complete. The file is scanned in the background for malware. When the scan is complete, anyone with access to the case can download the file. If you need to upload malware samples, you can wrap them in password-protected ZIP files.
135
+
127
136
## Related content
128
137
129
138
-[Microsoft Sentinel blog - Improve SecOps collaboration with case management](https://techcommunity.microsoft.com/blog/MicrosoftSentinelBlog/improve-secops-collaboration-with-case-management/4369044)
0 commit comments