DOC-271

docs/includes/similar-cases-alerts-filters.md

@@ -0,0 +1,2 @@
+!!! tip "Filters"
+    [Select the filters](/thehive/user-guides/organization/configure-organization/manage-ui-configuration/select-similar-cases-alerts-filters/) you want to apply on the **Similar cases** and **Similar alerts** tabs to find what you need faster.

docs/includes/ui-configuration-tab-go-to.md

@@ -0,0 +1,3 @@
+Select the **UI Configuration** tab.
+
+    ![UI configuration](/thehive/images/user-guides/organization/configure-organization/manage-ui-configuration/organization-view-ui-configuration.png)

docs/thehive/user-guides/analyst-corner/alerts/add-an-alert-to-an-existing-case.md

@@ -27,6 +27,9 @@ If it requires a separate investigation, [create a case from the alert](create-a
 
 3. In the **Merge alerts into case** drawer, search for the case by title or case number.
 
+    !!! note "Closed cases"
+        If you’re unable to find closed cases, it means your organization has [deactivated merging alerts into closed cases](../../organization/configure-organization/manage-ui-configuration/prevent-merging-alerts-into-closed-cases.md).
+
 4. Select **Merge**.
 
 <h2>Next steps</h2>

docs/thehive/user-guides/analyst-corner/alerts/search-for-alerts/find-an-alert.md

@@ -11,6 +11,8 @@ If you’re unsure which method to use, refer to the [Overview of Search Methods
 
 *Use this method if you want to find one or more alerts similar to a known alert and need to perform actions on them simultaneously.*
 
+{!includes/similar-cases-alerts-filters.md!}
+
 1. Open a case, an alert, or a task, and select the **Similar alerts** tab.
 
     ![Similar alerts](../../../../images/user-guides/analyst-corner/cases/similar-alerts.png)

docs/thehive/user-guides/analyst-corner/cases/create-a-new-case.md

@@ -3,17 +3,12 @@
 This topic provides step-by-step instructions for creating a [case](../cases/about-cases.md) in TheHive.
 
 Several options are offered to create a case in TheHive:
-
+  
 * [Create an empty case](#create-an-empty-case)
-
 * [Create a case from a template](#create-a-case-from-a-template)
-
 * [Create a case from an archived case](#create-a-case-from-an-archived-case)
-
 * [Create a case from a MISP event](#create-a-case-from-a-misp-event)
-
 * [Create a case from an alert](#create-a-case-from-an-alert)
-
 * [Create a case from a detection tool](#create-a-case-from-a-detection-tool)
 
 {!includes/access-create-a-case.md!}
@@ -24,6 +19,9 @@ Several options are offered to create a case in TheHive:
 
 2. In the **Create case** drawer, select **Empty case**.
 
+    !!! tip "Can't find the empty case option?"
+        If you don’t see the empty case option, your organization has likely [hidden it](../../organization/configure-organization/manage-ui-configuration/prevent-creating-empty-cases.md) to ensure cases are created only from templates, archived cases, or MISP for better standardization.
+
 3. Enter the following fields:
 
     **- Title \***  
@@ -114,7 +112,7 @@ Several options are offered to create a case in TheHive:
 
 4. Select **Confirm**.
 
-## Create a case from a MISP event
+## Create a case from a [MISP event](../../../administration/misp-integration/about-misp-integration.md)
 
 !!! info "Data transfer"
     When creating a case from a MISP event, data from the event, such as observables, is automatically transferred to the case.

docs/thehive/user-guides/analyst-corner/cases/find-similar-alerts-cases.md

@@ -6,13 +6,15 @@ Similarity checks between cases and alerts are based on [observables](../cases/o
 
 Use this procedure to identify similar cases or to correlate alerts with other alerts or with ongoing cases.
 
+{!includes/similar-cases-alerts-filters.md!}
+
 ## Find similar alerts
 
 1. [Find the alert](../alerts/search-for-alerts/find-an-alert.md) or [case](../cases/search-for-cases/find-a-case.md) you want to compare for similarity.
 
 2. Select the **Similar alerts** tab.
 
-    ![Similar alerts](/thehive/images/user-guides/analyst-corner/cases/similar-alerts.png)
+    ![Similar alerts](../../../images/user-guides/analyst-corner/cases/similar-alerts.png)
 
 3. Select **See all** in the **Matches** column to view the list of common observables.
 
@@ -24,7 +26,7 @@ Use this procedure to identify similar cases or to correlate alerts with other a
 
 2. Select the **Similar cases** tab.
 
-    ![Similar cases](/thehive/images/user-guides/analyst-corner/cases/similar-cases.png)
+    ![Similar cases](../../../images/user-guides/analyst-corner/cases/similar-cases.png)
 
 3. Select **See all** in the **Matches** column to view the list of common observables.
 

docs/thehive/user-guides/analyst-corner/cases/search-for-cases/find-a-case.md

@@ -27,6 +27,8 @@ If you’re unsure which method to use, refer to the [Overview of Search Methods
 
 *Use this method if you want to find one or more cases similar to a known case without needing to perform actions on them simultaneously.*
 
+{!includes/similar-cases-alerts-filters.md!}
+
 1. Open a case, an alert, or a task, and select the **Similar cases** tab.
 
     ![Similar cases](../../../../images/user-guides/analyst-corner/cases/similar-cases.png)

docs/thehive/user-guides/analyst-corner/dashboard/about-dashboards.md

@@ -61,5 +61,7 @@ Every user has read access to the dashboards within their organization and can e
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
 * [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/add-remove-widgets-dashboard.md

@@ -42,5 +42,7 @@ This topic provides step-by-step instructions for adding or removing [widgets](w
 * [Create a Dashboard](create-a-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
 * [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/adjust-dashboard-refresh-frequency.md

@@ -0,0 +1,28 @@
+# How to Adjust Dashboard Refresh Frequency
+
+This topic provides step-by-step instructions for adjusting [dashboard](about-dashboards.md) refresh frequency in TheHive.
+
+If you need to pause dashboard refresh and prevent users from re-enabling it due to performance issues, see [Pause Dashboard Refresh](../../organization/configure-organization/manage-ui-configuration/pause-dashboard-refresh.md).
+
+<h2>Procedure</h2>
+
+1. {!includes/dashboards-view-go-to.md!}
+
+2. On the dashboards list, select the name of your dashboard.
+
+    {!includes/filters-sorts-views.md!}
+
+3. Select the desired frequency from the **Refresh** dropdown list.
+
+    ![Update dashboard refresh frequency](../../../images/user-guides/analyst-corner/dashboard/dashboard-refresh-frequency.png)
+
+<h2>Next steps</h2>
+
+* [Widgets in Dashboards](widgets-dashboards.md)
+* [Create a Dashboard](create-a-dashboard.md)
+* [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
+* [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
+* [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
+* [Download a Dashboard](download-a-dashboard.md)
+* [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/change-visibility-of-a-dashboard.md

@@ -25,5 +25,7 @@ This topic provides step-by-step instructions for changing the visibility of a [
 * [Create a Dashboard](create-a-dashboard.md)
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/create-a-dashboard.md

@@ -46,5 +46,7 @@ If you want to use a dashboard from another organization or TheHive instance as
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
 * [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/delete-a-dashboard.md

@@ -24,4 +24,6 @@ This topic provides step-by-step instructions for deleting a [dashboard](about-d
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
 * [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/download-a-dashboard.md

@@ -28,4 +28,6 @@ To download your dashboard in JSON format, refer to the [Export a Dashboard](exp
 * [Create a Dashboard](create-a-dashboard.md)
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/export-import-a-dashboard.md

@@ -42,5 +42,7 @@ Use this procedure to use a dashboard from another organization or TheHive insta
 * [Create a Dashboard](create-a-dashboard.md)
 * [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
 * [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Set a Dashboard Display Period](set-dashboard-display-period.md)
 * [Download a Dashboard](download-a-dashboard.md)
 * [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/analyst-corner/dashboard/set-dashboard-display-period.md

@@ -0,0 +1,28 @@
+# How to Set a Dashboard Display Period
+
+This topic provides step-by-step instructions for setting a display period for a [dashboard](about-dashboards.md) in TheHive.
+
+If you need to remove the **All periods** option due to performance issues, see [Remove the All Periods Option](../../organization/configure-organization/manage-ui-configuration/remove-all-periods-option.md).
+
+<h2>Procedure</h2>
+
+1. {!includes/dashboards-view-go-to.md!}
+
+2. On the dashboards list, select the name of your dashboard.
+
+    {!includes/filters-sorts-views.md!}
+
+3. Select the desired display period from the **Period** dropdown list.
+
+    ![Update dashboard display period](../../../images/user-guides/analyst-corner/dashboard/dashboard-display-period.png)
+
+<h2>Next steps</h2>
+
+* [Widgets in Dashboards](widgets-dashboards.md)
+* [Create a Dashboard](create-a-dashboard.md)
+* [Add or Remove Widgets in a Dashboard](add-remove-widgets-dashboard.md)
+* [Change the Visibility of a Dashboard](change-visibility-of-a-dashboard.md)
+* [Export or Import a Dashboard](export-import-a-dashboard.md)
+* [Adjust Dashboard Refresh Frequency](adjust-dashboard-refresh-frequency.md)
+* [Download a Dashboard](download-a-dashboard.md)
+* [Delete a Dashboard](delete-a-dashboard.md)

docs/thehive/user-guides/key-performance-indicators/key-performance-indicators.md

@@ -4,7 +4,9 @@
 
 TheHive provides valuable insights into event and incident time metrics, enabling you to track key performance indicators (KPIs) for [cases](../analyst-corner/cases/about-cases.md) and [alerts](../analyst-corner/alerts/about-alerts.md).
 
-These KPIs are displayed by default on all cases and alerts in TheHive. You can also integrate them into dashboards and case reports.
+These KPIs are displayed by default on all cases and alerts in TheHive. However, you can [hide some or all indicators](../organization/configure-organization/manage-ui-configuration/hide-key-performance-indicators.md) if they're not useful or may be misleading for your organization.
+
+You can also include these KPIs in dashboards and case reports.
 
 This topic defines each of these indicators.
 
@@ -62,6 +64,6 @@ For more information on these KPIs, consult this [SecurityScorecard blog post](h
 <h2>Next steps</h2>
 
 * [Date Field Definitions for Alerts and Cases](../date-field-definitions-alerts-cases.md)
-* [Hide Key Performance Indicators](hide-key-performance-indicators.md)
+* [Hide Key Performance Indicators](../organization/configure-organization/manage-ui-configuration/hide-key-performance-indicators.md)
 * [Measure Case Performance](measure-case-management-performance.md)
 * [Measure Alert Performance](measure-alert-management-performance.md)

docs/thehive/user-guides/organization/configure-organization/manage-ui-configuration/hide-key-performance-indicators.md

@@ -0,0 +1,36 @@
+# How to Hide Key Performance Indicators
+
+<!-- md:version 5.4 -->
+
+This topic provides step-by-step instructions for hiding one or several key performance indicators (KPIs) for [cases](../../../analyst-corner/cases/about-cases.md) and [alerts](../../../analyst-corner/alerts/about-alerts.md) in TheHive.
+
+By default, all indicators appear in case and alert descriptions.
+
+You can hide some or all indicators if they're not useful or could be misleading for your organization.
+
+If you want to know more about the KPIs available in TheHive, refer to the [Key Performance Indicators](../../../key-performance-indicators/key-performance-indicators.md) topic.
+
+!!! warning "Required permissions"
+    Only users with the `manageConfig` permission can hide KPIs in cases and alerts in TheHive.
+
+<h2>Procedure</h2>
+
+1. {!includes/organization-view-go-to.md!}
+
+2. {!includes/ui-configuration-tab-go-to.md!}
+
+3. Move through the **Time metrics** section.
+
+4. Turn on the toggles for the indicators you want to hide in case and alert descriptions.
+
+5. Select **Confirm**.
+
+<h2>Next steps</h2>
+
+* [Measure Case Management Performance](../../../key-performance-indicators/measure-case-management-performance.md)
+* [Measure Alert Management Performance](../../../key-performance-indicators/measure-alert-management-performance.md)
+* [Pause Dashboard Refresh](pause-dashboard-refresh.md)
+* [Remove the All Periods Option in a Dashboard](remove-all-periods-option.md)
+* [Prevent Users from Creating Empty Cases](prevent-creating-empty-cases.md)
+* [Prevent Users from Merging Alerts into Closed Cases](prevent-merging-alerts-into-closed-cases.md)
+* [Select Similar Cases and Alerts Filters](select-similar-cases-alerts-filters.md)

docs/thehive/user-guides/organization/configure-organization/manage-ui-configuration/pause-dashboard-refresh.md

@@ -0,0 +1,28 @@
+# How to Pause Dashboard Refresh
+
+This topic provides step-by-step instructions for pausing [dashboard](../../../analyst-corner/dashboard/about-dashboards.md) refresh in TheHive.
+
+Use this procedure to improve application performance by preventing dashboard refresh and stopping users from re-enabling it.
+
+To reduce the refresh frequency while keeping it enabled, see [Adjust Dashboard Refresh Frequency](../../../analyst-corner/dashboard/adjust-dashboard-refresh-frequency.md).
+
+!!! warning "Required permissions"
+    Only users with the `manageConfig` permission can pause dashboard refresh in TheHive.
+
+<h2>Procedure</h2>
+
+1. {!includes/organization-view-go-to.md!}
+
+2. {!includes/ui-configuration-tab-go-to.md!}
+
+3. In the **Dashboard** section, turn on the **Disallow refresh option in dashboards** toggle.
+
+4. Select **Confirm**.
+
+<h2>Next steps</h2>
+
+* [Remove the All Periods Option in a Dashboard](remove-all-periods-option.md)
+* [Prevent Users from Creating Empty Cases](prevent-creating-empty-cases.md)
+* [Prevent Users from Merging Alerts into Closed Cases](prevent-merging-alerts-into-closed-cases.md)
+* [Select Similar Cases and Alerts Filters](select-similar-cases-alerts-filters.md)
+* [Hide Key Performance Indicators](hide-key-performance-indicators.md)

docs/thehive/user-guides/organization/configure-organization/manage-ui-configuration/prevent-creating-empty-cases.md

@@ -0,0 +1,26 @@
+# How to Prevent Users from Creating Empty Cases
+
+This topic provides step-by-step instructions for hiding the empty case option when [creating a case](../../../analyst-corner/cases/create-a-new-case.md#) in TheHive.
+
+By default, the empty case option is available. Use this procedure to require users to create cases only from templates, archived cases, or MISP to ensure better standardization.
+
+!!! warning "Required permissions"
+    Only users with the `manageConfig` permission can hide the empty case option in TheHive.
+
+<h2>Procedure</h2>
+
+1. {!includes/organization-view-go-to.md!}
+
+2. {!includes/ui-configuration-tab-go-to.md!}
+
+3. In the **Alert and case** section, turn on the **Hide empty case button** toggle.
+
+4. Select **Confirm**.
+
+<h2>Next steps</h2>
+
+* [Pause Dashboard Refresh](pause-dashboard-refresh.md)
+* [Remove the All Periods Option in a Dashboard](remove-all-periods-option.md)
+* [Select Similar Cases and Alerts Filters](select-similar-cases-alerts-filters.md)
+* [Prevent Users from Merging Alerts into Closed Cases](prevent-merging-alerts-into-closed-cases.md)
+* [Hide Key Performance Indicators](hide-key-performance-indicators.md)