Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: How to Dismiss Alerts

Carbon Black Cloud: How to Dismiss Alerts


  • Carbon Black Cloud Console: August '23 Release (1.17) and Higher


How to dismiss Alerts using the new workflow.


  1. In the Console, navigate to the Alerts page.
  2. Set Group by: None at the top of the page.
  3. From the desired Alert, open the row's side panel.
  4. Click the Actions dropdown menu and click Close.
  5. From the Close Alert window, fill out the desired information.
  6. In the Close As dropdown, select a reason for closing the alert:
    • Resolved
    • No reason
    • Resolved - Benign/Known good
    • Duplicate/Cleanup
    • Other
  7. Use the Note field to outline the reason for closing the Alert (or all future Alerts, if applicable), to aid other Console users.
  8. In the Manage Related Alerts section, choose whether to:
    • Close all existing Alerts with the same Threat ID.
    • Automatically close all future Alerts with the same Threat ID.
    Note: To dismiss only this single Alert, uncheck "Close all existing..." and select "No...".
  9. Click Close Alert.

Additional Notes

    1. After closing, the workflow status of the Alert changes to Closed and the change is recorded in the Alert ID History pane.
    2. Use the Alert ID History pane to view all previous changes to the workflow status of the Alert.
    3. Under Manage Related Alerts, click View Alerts to view all Alerts with the same Threat ID.
    4. You can also close Alerts by checking the box to select the desired Alert(s), then use the Take Action > Close Alerts button.
    5. Dismissing Alerts is not instantaneous; there is a time delay of less than five minutes.

    Related Content

    Was this article helpful? Yes No
    100% helpful (1/1)
    Article Information
    Creation Date: