Scheduling a Custom Alert for your environment consists of three steps: choosing the template you’d like to configure, previewing the search results, then scheduling the alert.
Use Custom Alerts to configure email alerts using predefined templates so you're notified about specific activity in your environment. When an alert runs and finds results, it sends an email to specified recipients instead of generating a new detection.
Custom Alerts let you set up email alerts based on predefined templates that cover a wide range of topics including Real Time Response session initiation, host containment, OS security settings, and more that are not yet covered by notification workflows.
Accesing to custom alerts you will see a list of predefined alert templates configurables in certain aspects but it is not possible to add new event triggers for new alerts, so I think the C answer is the correct.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
vsnt89
2 months, 3 weeks agosbag0024
1 year, 5 months agoCharlesB2
1 year, 6 months agoFerbOP
1 year, 7 months agoFerbOP
1 year, 6 months agoBelrose
1 year, 8 months agoPercy73729
1 year, 9 months ago