AnsweredAssumed Answered

Optimizing Alert Reports

Question asked by Renato Abreu on Sep 29, 2016
Latest reply on Sep 29, 2016 by John Snider

Hello all,

 

I am working with custom reports containing alert.id metakey so I can summarize the alerts generated for some time range.

However I am experiencing a high number of false positives in these reports.

I would like to know if there is a way to use the RSA NetWitness intelligence to optimize these reports and reduce the number of false positives.

I am starting to use the solution recently so I don't know the best practices and the better way to create more efficient reports.

 

Could any one help me with this? Is there some tips to get better reports or some document of best practices for it?

 

Thanks in advance.

Outcomes