The "Create Intezer Case from Trigger Alert" workflow template is designed for efficient case management by automating the initial triage of alerts from Intezer. Upon receiving an alert, the workflow creates a case using a field mapper, adds key notes, and attaches an initial runbook. It leverages AI to summarize triage data, enhancing the case with actionable insights. This template streamlines incident response, ensuring critical information is captured and organized for effective resolution.
Trigger
Use Cases
Case Management
Workflow Breakdown
The workflow triggers on 'initial_triage' alerts.
Creates a case, populating it with custom fields and observables via a nested workflow that processes the raw JSON alert.
Defines which quick action should be added to the case based on alert recommendations.
Adds the alert note as a key note for the case.
Uses AI Task to summarize triage data.
Attaches an Initial Runbook to the case.
Vendors
Utils, Torq Cases
Tips
Define Quick Action workflows to be associated with the case based on alert recommendations.
