Skip to main content
Skip table of contents

Incident Management - Case/Incident User Assignment

Assigning or Removing a Case from Single/Multiple Users

Assigning a Case to Single/Multiple Users

  1. Log in to LogRhythm NDR's new UI.

  2. Click Hunt from the sidebar menu and then click Cases.

  3. Select a category to open any Case listed under that category.

  4. To view the details of a specific Case, click on the particular Case.
    The Case Details page appears.

  5. Click the Case Assignment drop-down list on the right-hand side of the Case Details page.
    The list of users for this specific NDR installation/deployment is displayed.

A Case can be assigned to a single user or multiple users.

  1. To save a particular assignment, click the Update button (floppy disk icon) in the Case Assignment window.

  2. The Remark dialogue box can be used to add remarks to a particular assignment.

  3. Click the Update button to add the remarks.
    This action successfully adds a Case to a specific user or multiple users.

Removing a Case from Single/Multiple Users

  1. To remove a Case, go to the Case Assignment drop-down list and select the users assigned to a particular Case and then click the Update/Save button.

  2. To confirm the action to remove a Case, click on the Update button displayed in the pop-up window that appears.

Assigning or Removing a Policy Violation from Any User

Assigning a Policy Violation to Any User

  1. Log in to LogRhythm NDR's new UI.

  2. Click Hunt from the sidebar menu and then click Policy Violations.

  3. Select a category to open any Policy Violation listed under that category.

  4. To view the details of a specific Policy Violation, click on the particular Policy Violation.
    The Policy Violation Details page appears.

  5. Click the Case Assignment drop-down list on the right-hand side of the Policy Violation Details page.
    The list of users for this specific NDR installation/deployment is displayed.

A Policy Violation can be assigned to a single user or multiple users.

  1. To save a particular assignment, click the Update button (floppy disk icon) in the Case Assignment window.

  2. The Remark dialogue box can be used to add remarks to a particular assignment.

  3. Click the Update button to add the remarks.
    This action successfully adds a Policy Violation to a specific user or multiple users.

Removing a Policy Violation from Any User

  1. To remove a Policy Violation, go to the Case Assignment drop-down list and select the users assigned to a particular Policy Violation and then click the Update/Save button.

  2. To confirm the action to remove a Policy Violation, click on the Update button displayed in the pop-up window that appears.

Assigning or Removing an Incident from Single/Multiple Users

Assigning an Incident to Any User

  1. Log in to LogRhythm NDR's new UI.

  2. Click Hunt from the sidebar menu and then click Incidents.

  3. Select a category to open any Incident listed under that category.

  4. To view the details of a specific Incident, click on the particular Incident.
    The Incident Details page appears.

  5. Click the Case Assignment drop-down list on the right-hand side of the Incident Details page.
    The list of users for this specific NDR installation/deployment is displayed.

An Incident can be assigned to a single user or multiple users.

  1. To save a particular assignment, click the Update button (floppy disk icon) in the Case Assignment window.

  2. The Remark dialogue box can be used to add remarks to a particular assignment.

  3. Click the Update button to add the remarks.
    This action successfully adds an Incident to a specific user or multiple users.

Removing an Incident from Any User

  1. To remove an Incident, go to the Case Assignment drop-down list and select the users assigned to a particular Incident and then click the Update/Save button.

  2. To confirm the action to remove an Incident, click on the Update button displayed in the pop-up window that appears.

Notifications

When a Case, Incident, or Policy Violation is assigned to a user, they receive the following:

  • A real-time alert notification.

  • A notification via the Notification icon available at the top-right corner of each NDR page.

Activity/History

When a particular Case, Incident, or Policy Violation is added to a user or multiple users, this activity is recorded in the Activity section of the Case, Incident, or Policy Violation Details page.

Information such as the assignee, user, and time of assignment are also available.

Case Assignment List Page

Admin Role

  1. Log in to LogRhythm NDR's new UI.

  2. In the sidebar menu, click Case Assignment.
    The Case Assignment page appears with 2 tabs. One tab has the list of all the Cases assigned to you and the other tab has the list of all the Cases assigned to other users.

Other Roles

  1. Log in to LogRhythm NDR's new UI.

  2. In the sidebar menu, click Case Assignment.
    The Case Assignment page appears with the list of all the cases assigned to you.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close