You can add notes to an external alert, just like you can to a detection. This allows you to keep all of the important information about a security incident in a single location for traceability and ease of team communication.
You will need the Analyst role to access an external alert and view or add notes.
Adding notes to an external alert
To add a note to an alert:
- From your Red Canary dashboard, click the Alerts.
- Click on an Alert, and then scroll down to the Investigation section.
- Under the Add a note for you or your team's record… section, enter your text or Markdown notes.
- Click Add Note.
You can edit or delete a note once it has been created by clicking the buttons at the top right of each note.
Should I use notes to communicate with my Red Canary team?
Notes are designed for you and your internal team and are not intended for communicating with Red Canary. If you have a question or need assistance, use the Contact Us button at the bottom of the alert timeline to notify our team.