Acknowledgements provide a visual way to identify that a detection has been seen. You can acknowledge a detection to let team members know that you are investigating a ticket or that the issue has been triaged and should be prioritized for follow-up. You can also filter your view of detections to show only unacknowledged detections.
Before you beginUsers must have limited-write or higher privileges to acknowledge a detection or clear an acknowledgement.
Here are important considerations about acknowledging detections:
- An acknowledgement does not hide the detection.
- After a detection is acknowledged, a timestamp and the username of the person who acknowledged the detection is displayed.
- An acknowledgement can be cleared by any user, even if they are not the user that originally acknowledged the detection.
To acknowledge a detection, complete the following steps:
- Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
- At the top of the page, click Detections.
Click Acknowledge from the lower-left corner of the
The detection displays the username and timestamp. Click Reset to clear an acknowledgement.
Thank you for your feedback. Can we contact you to ask follow up questions?