Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Annotate security artifacts

Annotate security artifacts

As you are analyzing a case, you can add annotations to any artifact.

Before you begin

The Threat Intelligence plugin must be activated to use Security Case Management.
Role required:
  • sn_ti.case_user_write for adding annotations
  • sn_ti.case_user_read to view annotations

Procedure

  1. Open a case that contains artifacts that you want to annotate.
  2. Click the Case Artifacts related list.
  3. Click the tab associated with the artifacts you want to annotate. For example, click Indicators of Compromise to add annotations to IoCs.
  4. To add an annotation to one or more artifacts, perform the following steps:
    1. Select the artifacts to which you want to add an annotation.
    2. Click Annotate.
      Add an annotation
    3. Type the annotation and click Annotate.
      The annotation is added to the selected artifacts.
  5. To view annotations for an artifact, click the View annotations () icon.
    The existing annotations appear in the Annotations dialog box.
    Annotations dialog box
  6. You can also enter a new annotation for the artifact in the Security Annotation box, and click Annotate.