Alert

Centralized display of all alert records.
All fields in alerts are read-only by default and cannot be edited.
Analysts do not modify alert data; they only conduct investigations and response work based on alert data.

View

Supports multiple filtering and sorting functions.

Alert Operations Panel

List of artifacts related to the alert.

AI analysis results generated based on alert content.

Cases associated with the alert.

Original log content of the alert. JSON format.

Playbook execution history related to the alert.

System fields of the alert.