2.4.12. Adjustment function of automatic analysis report¶
The Security Incident Report automatically analyzes and automatically creates a log of threats detected on your device, but you can change the notification level for automatic analysis.
2.4.12.1. Detection Accuracy screen¶
From the portal top screen, click the [WORKFLOWS] tab, and then click [Workflows].
From the workflow list, click [Detection Accuracy].
2.4.12.2. Notification level for automatic analysis¶
There are three notification levels for automatic analysis: [Severity-prior], [Normal], and [Frequency-prior]. The figure below shows the characteristics of each notification level.
Notification level name |
Report volume |
Detection accuracy |
Overview |
|---|---|---|---|
| Severity-prior | Few |
High |
The amount of reports is small because there is a tendency to notify reports with a low possibility of false positives. |
| Normal | Medium |
Medium |
This is the initial value of this function and is a setting value between Severity-prior and Frequency-prior. |
| Frequency-prior | Many |
Low |
There is a tendency to notify reports that include the possibility of false positives, and the amount of reports is large. |
2.4.12.3. How to check the current automatic analysis notification level¶
To see the current automatic analysis notification level, click [Get Configuration from device] in the Detection Accuracy workflow.
Click [Run Now].
Check the status. In this example, the automatic analysis notification level is set to Normal.
2.4.12.4. How to change the automatic analysis notification level¶
To change the automatic analysis notification level, click [Update Configuration] in the Detection Accuracy workflow.
Select the automatic analysis notification level from the pull-down menu and click [Run Now].
It will be completed when the following screen is displayed.
