Forum Discussion
Incident Investigation question
Did the functionality of the Incident graphical investigation change? I have 4 alerts that share the same user and IPAddress entities. Previously, when I did an investigation and clicked on Rel...
GaryBushey
Hi,
Hmm, we actually didn't change anything in the functionality.
If you click on 'related entities' for each of the alerts you should see the relationships between the alerts and the matching entities.
Let me know if that addresses the issue.
Thanks,
Raz