Handling Manual Processes Through Tasks

Select RESPOND > Playbooks > Tasks.

Tasks are a way to define manual processes for Case response. The system can handle the automatic and manual elements together in a defined workflow. An Analyst Task creates a task that is handled by the SOC analysts within SOAR Case Management.

Searching a Task

You can search for a specific Task using the Search option. Click the button next to Search to view search results based on Name, Description, Task Scopes, Task Output, Last Modified by, Modification Date and Actions.

Creating a Task

You can define Analyst Tasks in this window. The resulting task can then be used in the workflow as a standard element. To create a task, click the +Create Analyst Task button. In the Analyst Task Editor window, specify the details for the following fields:

Name: Visible name of the element in the visual editor.

Description: Description of the Task to be shown to the analyst.

Task Scope: Enables the task scope. The scope items are filtered and shown to the analyst, who is expected to complete them.

Scope Item Categories: Select the input scope item types here. This field supports multiple selection.

Task Output: Enables the task output.

Scope Item Category: Select the expected scope item type here. Scope items created by the analyst will have this type. This field is single selection.

Task Merge: If a case has more than one alert, or a consolidation is ongoing, the workflow may run more than once and produce recurring tasks for the analyst to complete. Task Merge gathers the tasks that originate from the same workflow and shows them to the analyst as one task, reducing their load. The Timeout Span is merged as well, and SOAR updates the merged task's Due Time to the most current one.

Using Task Output or Analyst Decision disables the Task Merge capability of SOAR for that element. Task Scope is limited to 200 scope items. A task containing more than 200 scope items is divided into more than one task.

Editing and Deleting a Task

You can edit an existing task by clicking the Edit button under the Actions column. When you click the Edit button, the Analyst Task Editor window is displayed. Specify the values in the editor window as required and click Save to apply the changes.

You can delete an existing task by clicking the Delete button under the Actions column.