+4Hello,
I am creating a custom alert view for a playbook - which should be available to view for all roles I have in Secops. However, when I view the alert and click on the overview tab , it seems to only show me the "Default Alert View" not the custom one I have created.
Is there any reason why it is doing this?
Thanks
Best answer by ddiserens
@d_patel_dj did your playbook attach to the alert? If so make sure you click the alert to open the view.
There are a few places where views can be configured. The first is the default view for the case and alert. This view configuration is under Settings -> Case Data -> Views.
The second place you can configure a view is within the playbook. This view will show up in the alert screen whenever the playbook is attached to an alert.
In saying this I believe what you are seeing is the Default Case View.
+6
@d_patel_dj did your playbook attach to the alert? If so make sure you click the alert to open the view.
There are a few places where views can be configured. The first is the default view for the case and alert. This view configuration is under Settings -> Case Data -> Views.
The second place you can configure a view is within the playbook. This view will show up in the alert screen whenever the playbook is attached to an alert.
In saying this I believe what you are seeing is the Default Case View.
+12Is this a SCCE instance, or a 'traditional' SecOps? What is the users's primary role?
I assume you've checked the user is inheriting roles correctly (a good test would be to assign the case to the user's primary Role and check if they can access the case?)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
