Create a case from affected users

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • You can create a security case from affected users in the User [sys_user] table. After the affected users have been used to create a new case, you can use Security Case Management to analyze the data.

    Vorbereitungen

    The Threat Intelligence plugin must be activated to use Security Case Management.

    Role required: sn_ti.case_user_write

    Warum und wann dieser Vorgang ausgeführt wird

    You need to navigate to the users you want to use to create a case.

    Prozedur

    1. Navigate to All > User Administration > Users.
      The list for the selected users opens. From the list, you can create a new case from one or more user records, or you can select a specific user record and create a new case from the form.
    2. From the list, select the users you want added to a new case.
    3. From the Actions on selected items drop-down list, select Add to Security Case.
      Add a user to a new case
      The Add to Security Case dialog box opens. If you already have cases assigned to you, they display in the list.
      Add a user to a new case
    4. Click Create New Case.
    5. Fill in the fields.
      Field Description
      Case Name Enter a name for this case.
      Description Enter a description that would be of value to the case analyst.
    6. Click Submit.
      A message at the top of the list indicates that a new case has been created, along with a link to the case in Security Case Management.
    7. Click the link to view the new case.