Prisma Cloud Why does Urgent Risks and Incidents count on Command Center not match with the actual alert count on the Investigate tab ?

Prisma Cloud Why does Urgent Risks and Incidents count on Command Center not match with the actual alert count on the Investigate tab ?

417
Created On 05/29/24 02:43 AM - Last Modified 02/21/25 14:48 PM


Question


Why does the Count under Urgent Risks and Incidents does not match with the count of Alerts when clicking on the count and navigating to the Investigate tab?

Environment


  • Prisma Cloud
  • Home Urgent Risks and Incidents
  • Urgent Incidents in Command Center

Answer


The Urgent Risks and Incidents counters in the Home page are derived from the Command Center > Urgent Incidents count.
Screenshot 2024-05-29 at 10.38.00 AM.png

In this case the Urgent Incidents count is 20 here.
However, when clicked on the count and redirected to the investigate tab, the number alerts seen there is only 19.

Screenshot 2024-05-22 at 2.35.07 PM.png


1. This is expected behaviour.
2. The Command Center is a separate service that periodically pulls the incident count from the Alerts Database.
3. However, the Investigate tab always displays the latest possible results.
4. The Command center counts are not designed to be accurate and will be always a little outdated. 
5. It is designed to provide an approximate count.

Always go to investigate tab to get the correct count of alerts.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000010z1FCAQ&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail