Filter Incidents

Learn how to use filter options on SaaS Security API to investigate incidents identified based on your policy rules.
The SaaS Security web interface provides filters to help you assess incidents identified based on your policy rules. Use the filters provided to view the information from different vantage points; for example, you can search by
to see all the incidents for a particular asset owner.
  1. Select
    to view incidents.
  2. Select your desired filter options.
    Date Found
    Time frame or specific date on which the incident was discovered.
    Cloud App
    Cloud application on which the incidents were discovered.
    User that owns the asset associated with the incident. String matches on
    , and
    Email Domain
    for People. Displays results only if the user has
    Owned Items
    SaaS Security API does not limit the number of owners you can select, but your browser cannot load pages (URLs) that exceed 2,047-2,083 characters, depending on your browser.
    Policy rules that underly the violations.
    AD Group
    Activity Directory groups, if you enabled selective scanning.
    Assigned To
    Administrator to which incidents are assigned.
    Status, which includes both open and closed states.
    Last Activity
    Time frame or specific date of last change to the asset.

Recommended For You