Acknowledgments provide a visual way to identify that a detection has been seen. You can acknowledge a detection to let team members know that you are investigating a ticket or that the issue has been triaged and should be prioritized for follow-up. You can also filter your view of detections to show only unacknowledged detections.
Before you beginUsers must have limited-write or higher privileges to acknowledge a detection or clear an acknowledgment.
Here are important considerations about acknowledging detections:
- An acknowledgment does not hide the detection.
- After a detection is acknowledged, a timestamp and the username of the person who acknowledged the detection is displayed.
- An acknowledgment can be cleared by any user, even if they are not the user that originally acknowledged the detection.
To acknowledge a detection, complete the following steps:
- Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
- At the top of the page, click Detections.
Click Acknowledge from the lower-left corner of the
The detection displays the username and timestamp. Click Reset to clear an acknowledgment.
Thank you for your feedback. Can we contact you to ask follow up questions?