Creating Alerts for Real-time Threat Detection Events

Requires the Real-time Threat Detection service

When the Real-time Threat Detection service is deployed, SOAR automatically creates rule name filters for incoming correlation events. However, the system is configured to ignore all alert sources. To create alerts, you must configure the alert source rule name filter.