2.2.12. Adjustment function of automatic analysis report

The Security Incident Report automatically analyzes and automatically creates a log of threats detected on your device, but you can change the notification level for automatic analysis.


2.2.12.1. Detection Accuracy screen

From the portal top screen, click the [WORKFLOWS] tab, and then click [workflows].
From the workflow list, click [Detection Accuracy].
ReportLevel01


2.2.12.2. Notification level for automatic analysis

There are three notification levels for automatic analysis: [Severity-prior], [Normal], and [Frequency-prior]. The figure below shows the characteristics of each notification level.

Notification level name

Report amount

Detection accuracy

Overviews

Severity-prior

Few

High

The amount of reports is small because there is a tendency to notify reports with a low possibility of false positives.

Normal

Medium

Medium

This is the initial value of this function and is a setting value between Severity-prior and Frequency-prior.

Frequency-prior

Many

Low

There is a tendency to notify reports that include the possibility of false positives, and the amount of reports is large.



2.2.12.3. How to check the current automatic analysis notification level

To see the current automatic analysis notification level, click [Get Configuration from device] in the Detection Accuracy workflow.
ReportLevel02

Click [Run Now].
ReportLevel03

Check the status. In this example, the automatic analysis notification level is set to Normal.
ReportLevel04


2.2.12.4. How to change the automatic analysis notification level

To change the automatic analysis notification level, click [Update Configuration] in the Detection Accuracy workflow.
ReportLevel05

Select the automatic analysis notification level from the pull-down menu and click [Run Now].
ReportLevel06

It will be completed when the following screen is displayed.
ReportLevel07