Current ThreatQ Version Filter
 

Tasks

THREATQ REQUIRED PERMISSIONS

Default ThreatQ Role: Administrative, Maintenance, or Primary Contributor
Custom Role - Action Permissions: Objects & Context - Objects, Individual Object Context & Actions

ThreatQ allows you to create and assign tasks to yourself or other users in the platform.

Once tasks are included in your deployment, you can add contextual information and correlate them with Indicators, Events, Adversaries, Signatures, and Files. You can also add comments, change the task priority, change the task status, and delete the task.

Assigning a Task

Complete the following steps to assign a task in ThreatQ.

  1. From the main menu, choose Create > Task.
    The Add Task window is displayed.
    Add Task Window
  2. Populate the following fields:
    Field  Description
    Name Add a task name.
    Assigned To Enter the person to which the task is assigned.  This field defaults to your ThreatQ display name.
    Reporter Enter the  person who reported the task.  This field defaults to your ThreatQ display name.
    Due Date Use the date picker to select a due date
    Status Select one of the following statuses:
    • To Do
    • In Progress
    • Review
    • Done
    Priority Select one of the following task priorities:
    • Low
    • Medium
    • High
    Related Objects Optional.  Select any related objects you need to link to the Task.
    Description Enter a brief description of the task object.

    Any description you add during object creation defaults to a Source value of ThreatQ System.
  3. Click Save.
    The assignee receives a Notification Center alert about the task. This alert includes a link to the assigned task.

Managing Tasks

After a task is created, you can manage it on the task's Details page.

The following table describes the actions you can take to manage your tasks on a Task Details page.

To You can...

Change task priority

 Choose the Priority drop-down and select a new priority.
Change task status Choose the Status drop-down and select a new status.
Add Attributes, Comments, Relationships, and Sources Choose the Add Context drop-down and select an item.
View and Add Comments Choose Comments.
View the Audit Log Choose Audit Log.
Request Investigation Access
  1. Choose Investigations
  2. Click the related investigation to open the Access Denied window. 
  3. Click the Request Access button. 
    When you click this button, the investigation owner receives a Notification Center alert indicating you have requested access to the investigation.