Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here

Skyhigh Security

Incidents for Security Configuration Audit for SaaS

The Policy Incidents page is a central repository of all incidents that have violated policies. All services are consolidated on this page, or you can choose to view the violations occurring in just one service. You can display Policy Incidents data in a table view, or create a chart view. It also provides easy access to filters, Saved Views, and allows you to schedule a report, and display policy details with a single click. 

Find the page at Incidents > Policy Incidents

To view Policy Incidents for SharePoint, filter for Service Name > SharePoint

To learn more about an incident, click to view the Policy Incident Cloud Card.

For complete details about the Policy Incidents page, see Policy Incidents Page.

Incidents for Security Configuration Audit for SaaS

saas_config_audit_incidents_5.4.2.png

The Policy Incidents page provides the following information and actions for SaaS:

  • Search.  Search via the Omnibar. You can search for multiple incident IDs by entering a comma-separated query in the Omnibar.
  • Filters. Select options on the Filters tab to scope down your search. 
  • Views. Select the Views tab to use Saved Views created by you or shared with you by another user to reuse specified search parameters from a previous search on current data. 
  • Date Picker. Use the Date Picker to select a preset or custom date range in order to display data from only this date range.
  • Save View. Click to create a Saved View from your search query. 
  • Actions. Click Actions to:
    • Change Owner
    • Change Status
    • Delete Incidents. Select the checkbox(es) for incidents you want to delete. Then click Delete in the confirmation dialog. This action cannot be undone. Large requests may take a few moments to process.
    • Download CSV. Click to export violations as a CSV file. The download begins immediately.
      • NOTE: The columns in the CSV file reflect the columns in the table as displayed, but additional columns are included at the end by default. If the default columns match those displayed, those columns come first in the CSV file, followed by the remaining default columns.
    • Select Response
    • Create Report
      • Business Report (PDF). Create a PDF report and run it immediately, which then appears in the Report Manager
      • CSV. Create a CSV report and run it immediately, which then appears in the Report Manager
      • XLS.  Create an XLS report and run it immediately, which then appears in the Report Manager
      • Schedule. Schedule a report to run at a later time, which then appears in the Report Manager
    • Settings
      • Edit Table Columns. You can edit table columns and save your changes as a Saved View

Policy Incident Cloud Card

Click any incident in the table to see the Cloud Card for that incident. 

Some remediation steps require you to execute Microsoft Windows PowerShell commands. For details, see Execute Microsoft Windows PowerShell Commands

saas_config_audit_incidents_cloud_card_5.4.2.png

  • Was this article helpful?