Create analysts_incidents
scottbrumley authored Oct 2, 2024
1 parent dcb73d5 commit 2f1c1ee
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions SOC_Framework/Widgets/analysts_incidents
@@ -0,0 +1,14 @@
dataset = alerts
| arrayexpand original_tags
| filter original_tags contains "DS:"
// Open manual alerts
| filter resolution_status = ENUM.NEW or resolution_status = ENUM.UNDER_INVESTIGATION
| comp count_distinct(incident_id) as total_incidents by original_tags
| sort desc total_incidents






| view graph type = pie header = "Total Manual Incidents" xaxis = original_tags yaxis = total_incidents
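
Review bot: the pie header "Total Manual Incidents" on the last line does not match what the query counts. The status filter keeps only `ENUM.NEW` and `ENUM.UNDER_INVESTIGATION`, so the result is open incidents, and because `arrayexpand original_tags` runs before `comp count_distinct(incident_id) as total_incidents by original_tags`, an incident carrying more than one "DS:" tag is counted in every matching slice, so the slices do not sum to a total. Suggest a header along the lines of "Open Incidents by DS Tag", plus a comment stating what the "DS:" tag prefix denotes, since neither `// Open manual alerts` nor the file name analysts_incidents explains why that filter selects manual or analyst-owned incidents. `contains "DS:"` also matches the string anywhere in a tag; if it is meant as a prefix, anchor the match. The six blank lines before `| view graph` can be dropped.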
