Kaspersky Managed Detection and Response

Viewing and searching incidents in MDR Web Console

20 May 2024

ID 257888

To view incidents:

  1. In the MDR Web Console, navigate to the Incidents menu item.

    The incident list opens. Each line represents one incident. You can click anywhere on the line to view incident information.

    The following incident attributes are present above the list:

    • ID/Created—Numeral identifier of the incident in the Console / date the incident was created.
    • Status—One of the following incident statuses:
      • Open—The incident has to be processed by the security team.
      • Resolved—The incident received a response created by the security team.
      • On hold—The incident has temporarily stopped being processed by the security team.
      • Closed—The incident was processed by the security team and no more work needs to be done on it.
    • Summary—Brief commentary about the whole incident.
    • Tenant—A tenant that an incident is assigned to.
    • Updated—Date and time when the incident was updated.

      Incidents are sorted according to their update time in descending order.

      You can add or remove attributes (columns) and reorder them by clicking the gear icon above the list.

  2. If you want to change the number of incidents shown per page of the list, select a number by clicking the Entries per page option in the lower part of the page. You can select 10, 20, or 50 incidents per page.

To navigate the list of incidents, select a page from below the list. You can use the Previous and Next options to switch between adjacent pages.

In order to filter the incidents, click the funnel icon above the list.

You can search through the incidents by clicking the magnifying glass icon located next to the funnel icon above the incident list.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.