3.4.1.12 Bulk Action

You can take bulk action against alerts by selecting multiple alerts from the list. To take bulk action on the alerts, follow these steps:

1. Select an alert or multiple alerts from the list. The Bulk Action button is displayed.
2. Click the Bulk Action button. The Bulk Action window is displayed.

   Note:

   A Warning message popup is displayed with the list of selected alert IDs in the following scenarios:

   • If the selected alert IDs have any pending.
   • If any alert is locked by other users.

   Click Yes to continue or No to cancel. If you click Yes, Alert ID locked by other users will be filtered, and the Bulk Action window will be displayed.

   The Bulk Action window will not be displayed if no common actions are available for selected alerts.

3. From the Bulk Action window, select the decision. The decisions common to all the selected alerts are only displayed in the list. Selecting the decision is a mandatory field. You can configure the alert decision to be displayed for the bulk action for the alerts. For more information on configuring alert decisions, see OFS Transaction Filtering Administration Guide.
4. Select one or more Standard Comments from the drop-down list in the Standard Comments section. It is mandatory to provide a standard comment or a free text comment.
5. In the Comments section, enter your comments and click Save. A warning message is displayed.

   Note:

   A Warning message popup is displayed in the following scenarios:

   • Close the event as Block if all the are marked as Clean.
   • Close the event as Release if any one of the event is marked as suspicious.

     You can review the alerts and change the event status for bulk action against these alert IDs or click Yes to complete bulk action for the remainder of the alert.

6. Click Save to save the decision or click Cancel to cancel the decision.