The Case Wall is a repository of all event logs related to a case
from the time the case was created until it's closed. Click the Case Wall
tab to view information on the tasks, user comments, pinned chat messages,
manual and system actions, file attachments (up to 50MB upload supported), and
more, related to a case. Each of these types of information are indicated by icons located at the
top segment of the Case Wall.
Click View More to see both the regular UI results and the JSON
results.
Click one or more of the following event icons to view their details.
You can select an alert from the menu (located beside the event icons) for
which you want to see the related events. To view events for all the alerts of
the case, select All Alerts.
Icons
Description
Displays the details of actions assigned to each alert in a tabular
form. Details include the action timestamp, action name, alert name, the
status of the action taken (Completed or Faulted) and its result.
Click Show More to expand the view of the action results,
involved parameters, and entities in a tabular form. To collapse the
view, click Show Less.
Displays the details of all status changes of a case carried out by
users or the system in tabular form. These changes include updating
case title, case stages, priority, case assignment to a different user,
case closure, and other modifications.
Displays details on tasks. Once the task is completed, click
Complete Task. The task status displays Completed
with the completion timestamp followed by your comments.
Displays the details of all status changes of a case carried out by
users or the system in a tabular form. These changes include updating
case title, case stages, priority, case assignment to a different user,
or case closure.
Displays any chat message that was pinned in the Instant Message
dialog.
Displays Case Wall items that you've saved as favorites (by
clicking the yellow star on the right).
Sort event logs based on the time they were created (from the
newest to the oldest, and vice versa).
Displays any warnings and general insights about the case and the
involved entities.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-25 UTC."],[[["The Case Wall tab in Google SecOps SOAR serves as a central hub for all event logs related to a specific case, from its creation to closure."],["Within the Case Wall, users can access information about tasks, user comments, pinned chat messages, system actions, and file attachments up to 50MB."],["The Case Wall tab uses icons to indicate different types of event details, such as actions assigned to alerts, case status changes, tasks, and pinned messages."],["Users can filter and view event details by selecting specific alerts or viewing all alerts within a case, and use \"View More\" for regular and JSON results."],["The Case Wall enables sorting event logs chronologically and provides access to favorited items, as well as any warnings or insights regarding the case and its involved entities."]]],[]]