Action Taken
The Action Taken tab provides you with details on the particular action performed on the threat data object. Actions can be performed on threat data objects either manually or using rules. You can perform actions using one of the following actions:
CTIX-Specific Actions: These are the actions provided by Intel Exchange that are performed using quick actions or rules on the threat data object.
Third-party Actions: These are the actions provided by the third-party tools that are configured in Internal Applications. These actions are performed on the threat data object using rules. For more information, see <Configure Internal Applications>.
You can view the following details in the Action Taken tab:
Actions Performed: Shows the statistics on the number of CTIX or third-party actions performed.
CTIX Actions: Shows the latest CTIX actions performed using rules or manually and the timestamp on when the action was performed.
3rd Party Actions: Shows the actions performed by the configured third-party tools with the action name and timestamp.
Action Taken Details: Shows the complete information performed on the threat data such as action name, actioned medium, actioned app, rule name, the user who actioned, and the time when the action was performed.