We are currently testing some of the functionality of Palo Alto Traps 4 More specifically we are testing Security Events > Post Detection > Malware Post Detected. We are wondering if any functionality is in place to mark any of these post detected events as “read” or “under review”. From what I can see we can only choose “Delete Selected” and “Create Note”. If we were to choose “Delete Selected” does this actually delete them or does this move them to another location? For example if I was to accidently delete a row how would I retrieve it or perform audits on this. The Create Note sections only adds a note once you open the row and does not put a mark against the item. I have looked at the user guide for traps but it has not been very helpful for me but I expect I may have missed something. If you can offer any advice on this that would be very appreciated.
... View more