Filters let you narrow your case search in the queue to precisely target
the cases you want to analyze.
You can add each filter using either an AND or OR condition.
Each filter can also include an IS or IS_NOT condition.
The following filters are available:
Time Frame
Alert names
Analysts - (note that you can also choose to include analysts who
are part of a role. For example, you can choose just Tier2, and if Alex Smith
(who is part of a Tier2) is assigned a case, this appears in the
filtered display.)
Environments
Priorities
Products
Stages
Tags
Playbook Status
For example, you can create a filter to display cases that are high priority
but not in the Investigation stage from the last 24 hours.
Click Open Filter.
Complete the required information as follows:
Time Frame: Last 24 hours.
PrioritiesISHigh.
And
StagesIS_NOTInvestigation.
To save the filter for future use, click Save Filter and
give it a name. The filter is saved under the downward arrow in the
Case queue header for future use. You can edit and delete filters from this
saved filter list.
Click Apply to apply the filter to the case queue.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-04-02 UTC."],[[["Filters allow users to refine their case search within the queue by selecting specific criteria."],["Filters can use AND/OR conditions and Is/Is Not conditions to include or exclude cases based on various attributes."],["Available filter options include Time Frame, Alert Name, Product, Playbook Status, Analysts, Environment, Priorities, Stages, and Tags."],["Users can save custom filters for repeated use, accessing them from the Case Queue Header and allowing for easy modification and deletion."],["The filter is applied to the case queue after defining the needed conditions, such as setting the time frame to the last 24 hours, priority to high, and excluding the Investigation stage."]]],[]]
Open Filter.
