All versions of this manual
X
Welcome to Linkurious user manual v4.0.27. Use the menu to access other documentations.
  1. Introduction
  2. Spaces
  3. First visualization
    1. At first glance
    2. Create a new visualization
    3. Inspect data
  4. Manage visualizations
    1. Open rename delete
    2. Moving visualizations
    3. Share
    4. Duplicate
  5. Queries
    1. Creating queries
    2. Running and managing queries
  6. Custom actions
  7. Search
    1. Searching for nodes
    2. Searching for edges
    3. Advanced search
    4. Advanced syntax
  8. Manipulating the graph
    1. Auto-save
    2. Select nodes and edges
    3. Expand nodes
    4. Node Grouping
    5. Edge Grouping
    6. Lasso
    7. Hide
    8. Layouts
    9. Pinning nodes
    10. Undo/redo
    11. Shortcuts
    12. Publish
    13. Export
  9. Design
    1. Captions
    2. Nodes color
    3. Edges color
    4. Nodes size
    5. Edges size
    6. Icons
  10. Filters
    1. Filter panel
    2. Timeline
  11. Comments
    1. Comments panel
  12. Edit data
    1. Edit properties and categories
    2. Create nodes and edges
    3. Delete nodes and edges
  13. Geography
    1. Geographic data
    2. Display a geographic map
  14. Alerts
    1. Setting up alerts
    2. Alert creation example
    3. Alerts Navigation
    4. Investigating cases
    5. Lexicon
  15. Guest Mode
 

Alerts: Alerts Navigation

Navigating Alerts

Alerts' cases can be accessed in two pages. This section, guides you through these views and their features.

Alerts Dashboard

The Alerts Dashboard displays the alerts available to users.

It is always accessible to those who have the right to “Create & Process Alerts” (see Access Rights). However, users who have the right to “Process Alerts” can only access the dashboard if at least one alert exists.

From the Alerts Dashboard, we can:

  • Create, open, edit, move, disable or delete an alert depending on the user's access rights
  • Create, open, rename or delete folders

When at least one folder exists, the file tree is displayed on the left.

The blue badge displayed above alerts and folders is there to inform users on cases requiring attention (cases with the status: open and assignee: unassigned).

Users clicking on 'Back to Cases' are navigated to the Unified case list.

Unified Case List

The unified case list is where all the cases a user has access to can be displayed. It is accessible to all the users who can access and/or create alerts. The list of cases displayed can be adjusted using filters.

A "by default" filter is applied every time a user accesses the page, which shows the cases which have status Open or In progress and are assigned to the currently logged in user. This enables users to focus on the evolving cases which they are responsible for.

The unified case list is always sorted in descending order, meaning the newest case is always displayed first. Sorting can be modified according to the needs of the user by sorting the remaining columns of the unified case list. To go back to the initially sorted view, sort by the "created at" column in a descending order.

Users can navigate to the 'Alerts Dashboard', where they can also create alerts, when clicking on the 'Alerts Dashboard' button.

Filters

Different combinations of filters can be applied. Users can filter by one or many Alert folders, Alert names, Alert models, Case statuses and Assignees. When filters are cleared, by clicking on the clear button, all the cases a user has access to are displayed.

By default, the unified case list displays basic information common to all cases. The case ID, alert name, folder name (if any), the models that generated the case and their sum, case creation date and time, last updated at date and time, case status and the investigator assigned to it.

Filtering by one alert

When filtering by one alert, all columns (case attributes) of that specific alert are displayed on the unified case list table. Moreover, they're also displayed on the filters panel where users can apply filters on them. The columns of the 'currency' type show the appropriate symbol and adhere to the currency format defined during the alert's creation.

Depending on the type of the columns' data users can filter on numerical, currency or text values.

**

Filters and sorting are persisted to help users not lose the context of their work when navigating in the app.

Filtering monetary values is handled in the same manner as filtering columns of the 'number' type.

Case Preview

The case preview can be accessed by clicking on the case's ID. From the case preview the case view can be opened. Moreover, details on the information the case holds such as alert name, alert description, case attributes and number of comments as well as the timestamp of the latest comment are shown. Furthermore, users can change the status and assignee of a case, exactly in the same manner they do on the case view, from the case preview.

Bulk assign cases

Users can assign one or multiple cases to another user or themselves in one go, from one or many alerts at a time. This is particularly useful for a team leader dispatching the workload among their team, especially in combination with the usage of filters.

To use this feature, the user needs to select one or many cases from the unified case list (clicking on checkboxes). The “ASSIGN” button will activate upon the first selection. Users can pick cases from the different pages of the list. The number of cases selected will show next to the “ASSIGN” button.

Once the user is done selecting cases, they will pick a user name from the dropdown list that opens upon clicking on the “ASSIGN” button. Only the users who have access to all the alerts to which the selected cases belong, will show on the list. If a user is lacking access to at least one of the cases’ alert, they won’t be displayed. Also, if new filters are applied or if filters are cleared, the current selection of cases is unselected.

Download the unified case list information

From the unified case list, users can download an excel file containing all the cases which the applied filter returns. This file contains information which will enable analysts to monitor the team's activity and share it with fellow colleagues. and answer possible questions a they may have, such as:

  • How many cases are in which state?
  • How many cases are assigned per analyst?
  • How many cases dows analyst X close per period?
  • What relevant information is associated with the cases?
  • How long does it take for a case to be closed?
  • How long does it take for a case to be closed by an analyst?

The file begins to download once the button is pressed. In the downloaded file, for each case, you will find its id, creation datetime, status, assignee username, assignee email, assigned datetime, dismissed or confirmed datetime, the alert name and folder name the case belongs to as well as the export datetime.

In case the applied filter returns more than 500k cases, download would not be possible.

Case List

The "Case List" shows a list of newly detected cases for each alert. Each row in the list is a case.

By default, cases are ordered by creation date. You can change sorting order by using custom columns, if the alert creator has defined any.

A case has a status that is either Open, In progress, Confirmed, or Dismissed. New cases have the Open status by default.

The list of cases can be filtered by status. For example, the image below shows the list of dismissed cases. We can also see who has changed the status of those cases.

You can also filter the list of cases by assignee. In the example below, we can see all the cases opened and assigned to the current user.

If a user has no cases assigned to him, his name will appear greyed out in the list.

Within the list of cases, you can assign them to users that have the right to process the alert.

To do so, you can select cases from multiple pages by checking the checkbox on the left of every row.

You can also select all the cases within a page by clicking on the checkbox on top of the list of cases.

Once cases are selected, you can assign them to a single user by clicking on the button "Assign".

To take a decision, you must investigate on a case. Simply click on the ID of a case to open the case view.

Download the alert case list information

From each alert's case list view, users can download an excel file containing all the cases of the alert. This file contains information which will enable analysts to monitor the team's activity, share it with fellow colleagues and answer possible questions a they may have, such as:

  • How many cases are in which state?
  • How many cases are assigned per analyst?
  • How many cases dows analyst X close per period?
  • What relevant information is associated with the cases?
  • How long does it take for a case to be closed?
  • How long does it take for a case to be closed by an analyst?

The file begins to download once the button is pressed. In the downloaded file, for each case, you will find its id, creation datetime, status, assignee username, assignee email, assigned datetime, dismissed or confirmed datetime, the alert name and folder name the case belongs to and the columns as well as the export datetime.

The next section focuses on case investigation and exploration best practises.