From 88e4959c54f7e42acdd51d3fa0ca0fb8d8e38512 Mon Sep 17 00:00:00 2001 From: amybook Date: Wed, 16 Apr 2025 14:51:03 -0700 Subject: [PATCH 1/3] Update cases-overview.md Updating the activity log section to reflect new rich text capability. --- unified-secops-platform/cases-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unified-secops-platform/cases-overview.md b/unified-secops-platform/cases-overview.md index 3746ef606c..37a605c633 100644 --- a/unified-secops-platform/cases-overview.md +++ b/unified-secops-platform/cases-overview.md @@ -117,7 +117,7 @@ Each case has a threshold of 100 linked incidents. ### Activity log -Need to write down notes, or that key detection logic to pass along? Create plain text comments and review the audit events in the activity log. Comments are a great place to quickly add information to a case. +Need to write down notes, or that key detection logic to pass along? Create rich text comments and review the audit events in the activity log. Comments are a great place to quickly add information to a case such as queries, tables, links, and structured content. :::image type="content" source="media/cases-overview/informal-comments.png" alt-text="Screenshot showing informal comments between analysts."::: From 7cba248d1795a1f09a97bb1eeae115feb9f4dafb Mon Sep 17 00:00:00 2001 From: amybook Date: Mon, 28 Apr 2025 09:44:58 -0700 Subject: [PATCH 2/3] Update unified-secops-platform/cases-overview.md Co-authored-by: Yechiel Levin <61194355+yelevin@users.noreply.github.com> --- unified-secops-platform/cases-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unified-secops-platform/cases-overview.md b/unified-secops-platform/cases-overview.md index 37a605c633..1087eda9f7 100644 --- a/unified-secops-platform/cases-overview.md +++ b/unified-secops-platform/cases-overview.md @@ -117,7 +117,7 @@ Each case has a threshold of 100 linked incidents. ### Activity log -Need to write down notes, or that key detection logic to pass along? Create rich text comments and review the audit events in the activity log. Comments are a great place to quickly add information to a case such as queries, tables, links, and structured content. +Need to write down notes, or that key detection logic to pass along? Create rich text comments and review the audit events in the activity log. Comments are a great place to quickly add information—including such things as queries, tables, links, and structured content—to a case. :::image type="content" source="media/cases-overview/informal-comments.png" alt-text="Screenshot showing informal comments between analysts."::: From f3262b52f434cd6311e710ecb22f075420f25bc8 Mon Sep 17 00:00:00 2001 From: amybook Date: Mon, 28 Apr 2025 09:50:18 -0700 Subject: [PATCH 3/3] Update cases-overview.md Changed Description text type from plain text to rich text --- unified-secops-platform/cases-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unified-secops-platform/cases-overview.md b/unified-secops-platform/cases-overview.md index 1087eda9f7..e7865321ed 100644 --- a/unified-secops-platform/cases-overview.md +++ b/unified-secops-platform/cases-overview.md @@ -81,7 +81,7 @@ Manage the following case details to describe, prioritize, assign, and track wor | Priority| `Very low`, `Low`, `Medium`, `High`, `Critical` | none | | Status | Set by analysts, customizable by admins | Default statuses are `New`, `Open`, and `Closed`
Default value is `New`| | Assigned to | A single user in the tenant | none | -| Description | Plain text | none | +| Description | Rich text | none | | Case details | Case ID | Case IDs start at 1000 and aren't purged. Use custom statuses and filters to archive cases. Case numbers are automatically set.| | | Created by
Created on
Last updated by
Last updated on | automatically set | | | Due on
Linked incidents | none |