Change the Display Name of Security Incidents

Add a Cortex XSOAR server configuration to change the name of security incidents from ‘incident’ to another term - cases, issues, etc. setIncident display name
In Cortex XSOAR, the default term used for a security incident is
incident
. You can change the term that is used for security incidents from a predefined list of options. This term displays in reports, menus, tables, and commands (local and server) in Cortex XSOAR.
When you change the display name of a security incident, the following commands are deprecated and are replaced with commands with the new name:
  • associateIndicatorstoIncident
  • associateIndicatortoIncident
  • createNewIncidents
  • linkIncidents
  • relatedIncidents
  • setIncident
  • unAssociateIndicatorstoIncident
  • unAssociateIndicatortoIncident
For example, if you change the security incident name to
Cases
, the
setIncident
command appears as
setIncident (Deprecated)
and the
setCase
command replaces it. You can still use the deprecated command but it is recommended to replace the command for clarity.
The term you select does not change the display name for content-related items, such as playbooks, integrations, scripts, dashboards, or the API.
(
Multi-Tenant
) When changing the display name of security incidents, the URL link which contains
/incident
may not work properly. For example, when changing the
incident
to
case
, sometimes the links are formed with the
/incident
URL and not with the
/case
URL. This can usually be corrected by clearing the browser cache and reloading the page.
  1. Navigate to
    Settings
    About
    Troubleshooting
    .
  2. In the
    Server Configuration
    section, click
    Add Server Configuration
    .
  3. In the
    Key
    field type
    UI.term.incident
    .
  4. In the
    Value
    field enter the value for the term. In the following table, the Command column displays the correct command to use.
    Value
    Term
    Command
    0
    Incidents (default)
    setIncident
    1
    Cases
    setCase
    2
    Alerts
    setAlert
    3
    Events
    setEvent
    4
    Plays
    setPlay
    5
    Tickets
    setTicket
    6
    Issues
    setIssue
  5. Restart the server.

Recommended For You