By clicking the Edit icon in
the Action column of the Incident Information screen,
the Incident Details screen appears displaying
detailed information about the incident. DLP incident reviewers
can use this screen to update the incident status and provide comments
on the incident.
Incident Details
|
Item
|
Description
|
||
|
ID
|
Unique incident ID
|
||
|
Status
|
Use this to update the review status of
the incident.
Available options:
|
||
|
Severity
|
Severity level of the incident
|
||
|
Policy
|
Name of the Trend Micro Apex Central policy
that triggered the incident
|
||
|
Rule
|
Names of the rules from that triggered the incident
|
||
|
Received
|
Date and time when Trend Micro Apex Central received incident
data
|
||
|
Generated
|
Date and time the incident occurred in the managed
product
|
||
|
User
|
Name of the user who triggered the incident
|
||
|
Manager
|
Name of the user's manager
|
||
|
Endpoint
|
Source host name
|
||
|
IP address
|
Source IP address
|
||
|
Sender
|
Source email address
|
||
|
Subject
|
Subject of the email message
|
||
|
Recipient
|
Destination email address
|
||
|
Destination
|
Intended destination of the file containing the digital asset or
channel (if no source is available)
|
||
|
Last modified date
|
Date and time of the last modification to the asset
|
||
|
Last modified by
|
Name of the user who last modified the asset
|
||
|
Template
|
Names of the templates that triggered the incident
|
||
|
File
|
Name or link to the file that triggered the incident
|
||
|
SHA-1
|
Hash information of the file
|
||
|
Channel
|
Channel through which the transmission occurred
|
||
|
Action
|
Actions taken on the incident
|
||
|
User justification reason
|
User-defined reasons for allowing users to transfer sensitive data
|
||
|
Matching content
|
Digital assets that triggered the incident
|
||
|
Comments
|
User-defined notes about the incident
|
