Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Exclude security artifacts from a case

Log in to subscribe to topics and get notified when content changes.

Exclude security artifacts from a case

You can remove artifacts from the lists of supporting artifacts. They are not permanently removed and can be returned to the case as needed.

Before you begin

The Threat Intelligence plugin must be activated to use Security Case Management.

Role required: sn_ti.case_user_write


  1. Open a case that contains artifacts that you want to exclude from a list.
  2. Click the Case Artifacts related list.
  3. Click the tab associated with the artifacts you want to exclude. For example, click Incidents to exclude security incidents from the list.
  4. Select one or more artifact records that you want to exclude.
    Exclude security incidents from the list
  5. From the Actions on selected items drop-down list, select Exclude.
  6. Click Exclude in the confirmation box.
    The selected artifacts are removed from the list.