{"users":[{"id":97,"username":"kevin.joyce","name":"Kevin Joyce","avatar_template":"/user_avatar/community.netwrix.com/kevin.joyce/{size}/645_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":3},{"id":309,"username":"Ashleys","name":"Ashley Saigne","avatar_template":"/user_avatar/community.netwrix.com/ashleys/{size}/421_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":2},{"id":1468,"username":"ian.ranstrom","name":"Ian","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/i/85f322/{size}.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":809,"username":"nicpenning","name":"Nicholas Penning","avatar_template":"/user_avatar/community.netwrix.com/nicpenning/{size}/853_2.png","trust_level":1},{"id":38,"username":"CoachJonno","name":"Jonathan Blackwell","avatar_template":"/user_avatar/community.netwrix.com/coachjonno/{size}/427_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":3},{"id":3969,"username":"Maciek","name":"Maciej Kedzielski","avatar_template":"/user_avatar/community.netwrix.com/maciek/{size}/2086_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":307,"username":"mcando","name":"Mike Candon","avatar_template":"/user_avatar/community.netwrix.com/mcando/{size}/621_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":616,"username":"justin-eevabits","name":"Justin Cahill","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/j/a183cd/{size}.png","trust_level":2},{"id":385,"username":"jweise","name":"Jimmy Weise","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/j/a88e4f/{size}.png","trust_level":0},{"id":552,"username":"ACDunn3","name":"Art Dunn","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/a/73ab20/{size}.png","trust_level":1},{"id":305,"username":"Joshua.Sexton","name":"Joshua Sexton","avatar_template":"/user_avatar/community.netwrix.com/joshua.sexton/{size}/419_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":314,"username":"DevonAnderson","name":"Devon Anderson","avatar_template":"/user_avatar/community.netwrix.com/devonanderson/{size}/1436_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":326,"username":"brandon.west","name":"Brandon West","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/b/977dab/{size}.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":2996,"username":"M_walker","name":"Mark Walker","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/m/3ab097/{size}.png","trust_level":1},{"id":710,"username":"vinayks","name":"Vinay","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/v/6a8cbe/{size}.png","trust_level":1},{"id":13006,"username":"erick.nava","name":"Erick Nava","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/e/8baadc/{size}.png","trust_level":1},{"id":3,"username":"derek.putnam","name":"Derek Putnam","avatar_template":"/user_avatar/community.netwrix.com/derek.putnam/{size}/501_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"admin":true,"trust_level":4},{"id":417,"username":"AndyMuschlewski","name":"Andy Muschlewski","avatar_template":"/user_avatar/community.netwrix.com/andymuschlewski/{size}/515_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1},{"id":33795,"username":"bradomski","name":"Bartłomiej Radomski","avatar_template":"https://avatars.discourse-cdn.com/v4/letter/b/f17d59/{size}.png","trust_level":1},{"id":481,"username":"solidxsnake","name":"Rej Uddin","avatar_template":"/user_avatar/community.netwrix.com/solidxsnake/{size}/519_2.png","primary_group_name":"netwrix_employees","flair_name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_group_id":42,"trust_level":1}],"primary_groups":[{"id":42,"name":"netwrix_employees"}],"flair_groups":[{"id":42,"name":"netwrix_employees","flair_url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/e/e1046ceecb5e0407a4719a8288d388c360b94643.png","flair_bg_color":"FFFFFF","flair_color":""}],"topic_list":{"can_create_topic":false,"more_topics_url":"/c/products/threat-manager/ideas/159?page=1","per_page":30,"top_tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":136,"name":"under-review","slug":"under-review"},{"id":115,"name":"planned","slug":"planned"},{"id":137,"name":"completed","slug":"completed"},{"id":135,"name":"new","slug":"new"},{"id":493,"name":"planned-long-term","slug":"planned-long-term"},{"id":237,"name":"alerts","slug":"alerts"},{"id":113,"name":"in-progress","slug":"in-progress"},{"id":210,"name":"investigation-reports","slug":"investigation-reports"},{"id":198,"name":"ntp-reporting","slug":"ntp-reporting"},{"id":200,"name":"playbooks","slug":"playbooks"},{"id":4,"name":"privilege-secure","slug":"privilege-secure"},{"id":65,"name":"sharepoint","slug":"sharepoint"},{"id":77,"name":"sharepoint-online","slug":"sharepoint-online"},{"id":418,"name":"siem","slug":"siem"},{"id":8,"name":"threat-prevention","slug":"threat-prevention"}],"topics":[{"fancy_title":"Auto tuning of threats","fancy_title_localized":false,"locale":"en","id":7357,"title":"Auto tuning of threats","slug":"auto-tuning-of-threats","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T13:21:29.759Z","last_posted_at":"2025-05-14T15:40:25.649Z","bumped":true,"bumped_at":"2025-05-14T15:40:25.649Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nWe’d like to have a button that tunes threats based on our environment size. \nPlease describe your idea in detail. What is your problem, why do you feel this idea i…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":76,"like_count":4,"has_summary":false,"last_poster_username":"Ashleys","category_id":159,"op_like_count":2,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Users propose an auto-tuning feature for threat thresholds based on environment size, using stats and dynamic filters, with optional manual adjustments and audit logging for transparency.","has_accepted_answer":false,"vote_count":4,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":97,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":309,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Enhance Reporting Module with Extended Timeframe Filters and Annual Subscription Option","fancy_title_localized":false,"locale":"en","id":12179,"title":"Enhance Reporting Module with Extended Timeframe Filters and Annual Subscription Option","slug":"enhance-reporting-module-with-extended-timeframe-filters-and-annual-subscription-option","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2025-05-01T17:54:41.028Z","last_posted_at":"2025-05-01T17:54:41.099Z","bumped":true,"bumped_at":"2025-05-19T16:40:30.940Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nPlease add “Last 6 Months,” “Last Year,” and a yearly subscription option to the Threat Prevention Reporting module. \nPlease describe your idea in detail. What is y…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":39,"like_count":2,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":2,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"has_accepted_answer":false,"vote_count":3,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Subscriptions should have the option as an attachment","fancy_title_localized":false,"locale":"en","id":13137,"title":"Subscriptions should have the option as an attachment","slug":"subscriptions-should-have-the-option-as-an-attachment","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2025-05-08T20:42:11.968Z","last_posted_at":"2025-05-14T18:40:44.197Z","bumped":true,"bumped_at":"2025-05-14T18:40:44.197Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nSubscriptions should have the option to send reports as an attachment instead of just a link \nPlease describe your idea in detail. What is your problem, why do you …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":60,"like_count":2,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":3,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":1468,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":":heart_with_ribbon: Official Elastic Integration?","fancy_title_localized":false,"locale":"en","id":3198,"title":"💝 Official Elastic Integration?","slug":"official-elastic-integration","posts_count":6,"reply_count":2,"highest_post_number":6,"image_url":null,"created_at":"2025-03-20T15:26:37.559Z","last_posted_at":"2025-04-02T16:49:04.546Z","bumped":true,"bumped_at":"2025-04-02T16:49:04.546Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"Currently there is no native integration with Elastic for some of the Netwrix products. \nWould Netwrix be willing to build the integration with Elastic so customers can easily ingest all the juicy data from the Netwrix p…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":4,"name":"privilege-secure","slug":"privilege-secure"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":214,"like_count":10,"has_summary":false,"last_poster_username":"nicpenning","category_id":159,"op_like_count":3,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Netwrix users seek official Elastic integration; current workarounds include JSON templates and Logstash CEF, but native support is encouraged for seamless data ingestion via Elastic Agent.","has_accepted_answer":false,"vote_count":3,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":809,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":38,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":309,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Allow non-admin users to switch investigation source (NTP vs NTM)","fancy_title_localized":false,"locale":"en","id":128431,"title":"Allow non-admin users to switch investigation source (NTP vs NTM)","slug":"allow-non-admin-users-to-switch-investigation-source-ntp-vs-ntm","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2026-04-16T21:37:31.702Z","last_posted_at":"2026-04-22T19:38:38.940Z","bumped":true,"bumped_at":"2026-04-22T19:38:38.940Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nEnable role-based permission for non-admin users to switch between NTP and NTM data sources during investigations. \nPlease describe your idea in detail. What is you…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":16,"like_count":0,"has_summary":false,"last_poster_username":"Maciek","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The development team acknowledged the feature request to allow non-admin users to switch investigation sources and has initiated tracking to determine a delivery timeline for this role-based permission update.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":3969,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"NTM Reporting Module - request wildcard search capability under Investigate > Run Query","fancy_title_localized":false,"locale":"en","id":127843,"title":"NTM Reporting Module - request wildcard search capability under Investigate > Run Query","slug":"ntm-reporting-module-request-wildcard-search-capability-under-investigate-run-query","posts_count":7,"reply_count":3,"highest_post_number":7,"image_url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_1024x558.png","created_at":"2026-04-07T20:22:29.804Z","last_posted_at":"2026-04-22T19:31:51.888Z","bumped":true,"bumped_at":"2026-04-22T19:31:51.888Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nIn the NTM Reporting Module we want the ability to conduct a wildcard search under Investigate > Run Query. \nPlease describe your idea in detail. What is your probl…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":1387,"height":757,"url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/5/53374343a6af631c2422dbb950e60b7708f42508.png"},{"max_width":1024,"max_height":1024,"width":1024,"height":558,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_1024x558.png"},{"max_width":800,"max_height":800,"width":800,"height":436,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_800x436.png"},{"max_width":600,"max_height":600,"width":600,"height":327,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_600x327.png"},{"max_width":400,"max_height":400,"width":400,"height":218,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_400x218.png"},{"max_width":300,"max_height":300,"width":300,"height":163,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_300x163.png"},{"max_width":200,"max_height":200,"width":200,"height":109,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/5/53374343a6af631c2422dbb950e60b7708f42508_2_200x109.png"}],"tags":[{"id":113,"name":"in-progress","slug":"in-progress"}],"tags_descriptions":{"in-progress":"Work has begun on the idea; it’s actively being implemented."},"views":30,"like_count":7,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Development confirmed that wildcard search capability will be added to the NTM Reporting Module, allowing custom values in the Investigate > Run Query section, with the feature expected in the 3.2 release.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":3,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":307,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":616,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Option to clean up / automatically remove decommissioned agents from System Health","fancy_title_localized":false,"locale":"en","id":127839,"title":"Option to clean up / automatically remove decommissioned agents from System Health","slug":"option-to-clean-up-automatically-remove-decommissioned-agents-from-system-health","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2026-04-07T19:31:36.462Z","last_posted_at":"2026-04-15T19:55:24.897Z","bumped":true,"bumped_at":"2026-04-15T19:55:24.897Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAbility to automatically clean up or remove decommissioned agents from the System Health view to maintain accuracy and reduce noise. \nPlease describe your idea in d…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":21,"like_count":2,"has_summary":false,"last_poster_username":"Maciek","category_id":159,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The vendor confirmed a Q2 release for automatically hiding decommissioned agents from System Health after seven days of inactivity to reduce clutter.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":3969,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Enable High Availability Configuration for Threat Manager","fancy_title_localized":false,"locale":"en","id":122439,"title":"Enable High Availability Configuration for Threat Manager","slug":"enable-high-availability-configuration-for-threat-manager","posts_count":3,"reply_count":0,"highest_post_number":3,"image_url":null,"created_at":"2026-02-09T18:49:49.308Z","last_posted_at":"2026-02-24T16:27:53.825Z","bumped":true,"bumped_at":"2026-02-24T16:27:53.825Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nEnable High Availability Configuration for Threat Manager \nPlease describe your idea in detail. What is your problem, why do you feel this idea is the best solution…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":493,"name":"planned-long-term","slug":"planned-long-term"}],"tags_descriptions":{"planned-long-term":"We like the idea, but it doesn’t fit into the next 12 months of our roadmap."},"views":40,"like_count":3,"has_summary":false,"last_poster_username":"ACDunn3","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Threat Manager lacks native HA, so users rely on infrastructure-level solutions like VM redundancy, Zerto failover, and SQL clustering to ensure uptime until next-gen platforms offer built-in resiliency.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":385,"primary_group_id":null,"flair_group_id":null},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":552,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Include report contents in the body of subscription emails","fancy_title_localized":false,"locale":"en","id":112794,"title":"Include report contents in the body of subscription emails","slug":"include-report-contents-in-the-body-of-subscription-emails","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-08-25T15:19:23.658Z","last_posted_at":"2026-01-29T20:10:02.428Z","bumped":true,"bumped_at":"2026-01-29T20:10:02.428Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAn option to include report contents in the body of subscription emails. \nPlease describe your idea in detail. What is your problem, why do you feel this idea is th…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":22,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The team is considering including report contents in email bodies for quick review but is cautious about performance impacts, leaning toward enhanced summaries instead of full datasets.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":305,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"SharePoint Activity Threat Response","fancy_title_localized":false,"locale":"en","id":120748,"title":"SharePoint Activity Threat Response","slug":"sharepoint-activity-threat-response","posts_count":3,"reply_count":0,"highest_post_number":3,"image_url":null,"created_at":"2026-01-12T23:05:08.757Z","last_posted_at":"2026-01-20T17:01:11.325Z","bumped":true,"bumped_at":"2026-01-20T17:01:11.325Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAbility for NTM to ingest SP activity events and trigger threats/playbooks against it \nPlease describe your idea in detail. What is your problem, why do you feel th…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":65,"name":"sharepoint","slug":"sharepoint"},{"id":77,"name":"sharepoint-online","slug":"sharepoint-online"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":21,"like_count":1,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"NTM currently lacks SharePoint activity ingestion for threat response, though it may be considered for future 1Secure integration, despite customer demand and existing SIEM workarounds.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":3,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":314,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":616,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Feature to set “Assignment group” field in ServiceNow incident","fancy_title_localized":false,"locale":"en","id":7430,"title":"Feature to set \"Assignment group\" field in ServiceNow incident","slug":"feature-to-set-assignment-group-field-in-servicenow-incident","posts_count":6,"reply_count":3,"highest_post_number":6,"image_url":null,"created_at":"2025-04-14T16:07:18.264Z","last_posted_at":"2025-07-18T08:59:50.793Z","bumped":true,"bumped_at":"2025-07-18T08:59:50.793Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAdd function to route threat response to appropriate team when posting to ServiceNow \nPlease describe your idea in detail. What is your problem, why do you feel thi…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":106,"like_count":0,"has_summary":false,"last_poster_username":"M_walker","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Users request a feature to set the \"assignment group\" field in ServiceNow incidents from NTM, with discussion on whether to support AD groups for auto-complete or allow free-text for native ServiceNow groups, noting existing workarounds and the need for user knowledge of group names.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":2996,"primary_group_id":null,"flair_group_id":null}]},{"fancy_title":"Wizard to Configure SSL configuration","fancy_title_localized":false,"locale":"en","id":14024,"title":"Wizard to Configure SSL configuration","slug":"wizard-to-configure-ssl-configuration","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-05-14T20:57:40.758Z","last_posted_at":"2025-05-15T13:41:58.602Z","bumped":true,"bumped_at":"2025-05-15T13:59:46.114Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nReplace manual configuration for SSL certs with a Wizard \nPlease describe your idea in detail. What is your problem, why do you feel this idea is the best solution,…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":46,"like_count":6,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":4,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Column Customization in Event Details Section of Investigation Reports","fancy_title_localized":false,"locale":"en","id":9735,"title":"Column Customization in Event Details Section of Investigation Reports","slug":"column-customization-in-event-details-section-of-investigation-reports","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2025-04-22T07:34:54.986Z","last_posted_at":"2025-04-25T02:49:49.668Z","bumped":true,"bumped_at":"2025-04-25T02:49:49.668Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nThis will help to see only relevant columns and no need to expand each event. \nPlease describe your idea in detail. What is your problem, why do you feel this idea …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":210,"name":"investigation-reports","slug":"investigation-reports"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":51,"like_count":5,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":3,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":2,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":710,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Alert Exclusion request - Impossible Travel","fancy_title_localized":false,"locale":"en","id":129301,"title":"Alert Exclusion request - Impossible Travel","slug":"alert-exclusion-request-impossible-travel","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2026-04-22T14:57:29.181Z","last_posted_at":"2026-05-05T19:38:57.335Z","bumped":true,"bumped_at":"2026-05-05T19:38:57.335Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nExcluding impossible travel alerts based on the user and country or city. \nPlease describe your idea in detail. What is your problem, why do you feel this idea is t…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":12,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Erick Nava requests excluding impossible travel alerts for remote workers, prompting Kevin Joyce to clarify whether the solution requires a global pre-approved location setting or specific user-to-location alignment.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":13006,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Added tag selection flexibility in investigation builder","fancy_title_localized":false,"locale":"en","id":129935,"title":"Added tag selection flexibility in investigation builder","slug":"added-tag-selection-flexibility-in-investigation-builder","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2026-05-01T15:15:19.309Z","last_posted_at":"2026-05-01T15:15:19.572Z","bumped":true,"bumped_at":"2026-05-01T15:15:19.572Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAllow a tag to be selected across different relevant filter types \nPlease describe your idea in detail. What is your problem, why do you feel this idea is the best …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":135,"name":"new","slug":"new"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"new":"The idea was just submitted and hasn’t been reviewed by the team yet."},"views":2,"like_count":0,"has_summary":false,"last_poster_username":"DevonAnderson","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The investigation builder now supports selecting tags across different filter types, enabling fine-tuned investigations by specifying tag members like Target or Client instead of manually listing individual hosts.","has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":314,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Include pre-created playbook for sending email alerts containing pertinent threat variables","fancy_title_localized":false,"locale":"en","id":128494,"title":"Include pre-created playbook for sending email alerts containing pertinent threat variables","slug":"include-pre-created-playbook-for-sending-email-alerts-containing-pertinent-threat-variables","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":null,"created_at":"2026-04-17T19:10:58.234Z","last_posted_at":"2026-04-17T19:10:58.416Z","bumped":true,"bumped_at":"2026-04-17T19:10:58.416Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAdd pre-created and usable threat response playbook for customers to immediately get value with. \nPlease describe your idea in detail. What is your problem, why do …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":237,"name":"alerts","slug":"alerts"},{"id":159,"name":"ideas","slug":"ideas"},{"id":135,"name":"new","slug":"new"},{"id":200,"name":"playbooks","slug":"playbooks"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"new":"The idea was just submitted and hasn’t been reviewed by the team yet."},"views":5,"like_count":0,"has_summary":false,"last_poster_username":"DevonAnderson","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"A user requests a pre-created, ready-to-use playbook for sending email alerts with threat variables to reduce the manual effort and technical expertise currently required for configuration.","has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":314,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Ability to define service accounts (e.g. by OU or naming convention)","fancy_title_localized":false,"locale":"en","id":127838,"title":"Ability to define service accounts (e.g. by OU or naming convention)","slug":"ability-to-define-service-accounts-e-g-by-ou-or-naming-convention","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2026-04-07T19:27:09.994Z","last_posted_at":"2026-04-15T22:05:41.769Z","bumped":true,"bumped_at":"2026-04-15T22:05:41.769Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAbility to define service accounts based on organizational units or naming conventions instead of relying solely on machine learning detection. \nPlease describe you…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":115,"name":"planned","slug":"planned"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":11,"like_count":1,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The product team confirmed plans to implement manual service account definition via OU or naming conventions at the AD Sync layer, with development scheduled for Q2 to complement existing ML detection.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":3969,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Prevent reuse of admin passwords","fancy_title_localized":false,"locale":"en","id":127836,"title":"Prevent reuse of admin passwords","slug":"prevent-reuse-of-admin-passwords","posts_count":3,"reply_count":1,"highest_post_number":3,"image_url":null,"created_at":"2026-04-07T19:04:36.669Z","last_posted_at":"2026-04-15T20:15:48.461Z","bumped":true,"bumped_at":"2026-04-15T20:15:48.461Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nEnsure administrators cannot reuse previously used passwords when resetting credentials. \nPlease describe your idea in detail. What is your problem, why do you feel…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":14,"like_count":1,"has_summary":false,"last_poster_username":"Maciek","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The team confirmed implementation of password history checks to prevent admin credential reuse, likely retaining at least five passwords per NIST standards, with delivery expected in Q2.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest","description":"Original Poster, Most Recent Poster","user_id":3969,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"SIEM Experience Overhaul","fancy_title_localized":false,"locale":"en","id":121851,"title":"SIEM Experience Overhaul","slug":"siem-experience-overhaul","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2026-01-30T23:19:55.571Z","last_posted_at":"2026-02-02T19:12:03.412Z","bumped":true,"bumped_at":"2026-02-02T19:12:03.412Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nImprove SIEM experience to assist teams with utilizing threat data in their SIEMs. \nPlease describe your idea in detail. What is your problem, why do you feel this …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":493,"name":"planned-long-term","slug":"planned-long-term"},{"id":418,"name":"siem","slug":"siem"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned-long-term":"We like the idea, but it doesn’t fit into the next 12 months of our roadmap."},"views":17,"like_count":1,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Devon requests SIEM experience improvements including template variable visibility, per-threat template customization, variable previews by threat type, and an 'all variables' template; Kevin agrees to address these, starting with template transparency.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":314,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Add the option to remove the comments icon over a threat with a status","fancy_title_localized":false,"locale":"en","id":7374,"title":"Add the option to remove the comments icon over a threat with a status","slug":"add-the-option-to-remove-the-comments-icon-over-a-threat-with-a-status","posts_count":5,"reply_count":1,"highest_post_number":6,"image_url":null,"created_at":"2025-04-14T13:50:01.255Z","last_posted_at":"2026-02-02T15:05:42.205Z","bumped":true,"bumped_at":"2026-02-02T14:34:26.367Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAllow users to distinguish clearly between system-generated “Status Change Comments” and user-entered “Typewritten Comments” in the Threat Manager interface. \nPleas…","visible":true,"closed":true,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":137,"name":"completed","slug":"completed"},{"id":159,"name":"ideas","slug":"ideas"}],"tags_descriptions":{"completed":"The idea has been fully implemented and released."},"views":57,"like_count":2,"has_summary":false,"last_poster_username":"derek.putnam","category_id":159,"op_like_count":1,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The feature to distinguish between status change comments and user-typewritten comments in Threat Manager is now available in version 3.0.564, addressing user requests for clearer visual differentiation.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":null,"description":"Frequent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":3,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Add Agent Computer filter in Investigation Builder","fancy_title_localized":false,"locale":"en","id":115870,"title":"Add Agent Computer filter in Investigation Builder","slug":"add-agent-computer-filter-in-investigation-builder","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-10-20T18:41:51.075Z","last_posted_at":"2026-01-29T19:57:42.582Z","bumped":true,"bumped_at":"2026-01-29T19:57:42.582Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nAdd Agent Computer filter in Investigation Builder \nPlease describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.\nW…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":14,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The team acknowledges the request to add an Agent Computer filter in Investigation Builder, noting it’s feasible since the field is exposed in NTP, and will investigate integrating it.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":417,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Expand possible event detail fields for use as query filters","fancy_title_localized":false,"locale":"en","id":112401,"title":"Expand possible event detail fields for use as query filters","slug":"expand-possible-event-detail-fields-for-use-as-query-filters","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-08-19T11:25:49.586Z","last_posted_at":"2025-08-29T18:12:34.685Z","bumped":true,"bumped_at":"2025-08-29T18:12:34.685Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nMore Event Details fields in query filtering \nPlease describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.\nWhen c…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":26,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":33795,"primary_group_id":null,"flair_group_id":null},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Ensure Honey Token threat detector begins in disabled state by default out-the-box","fancy_title_localized":false,"locale":"en","id":111476,"title":"Ensure Honey Token threat detector begins in disabled state by default out-the-box","slug":"ensure-honey-token-threat-detector-begins-in-disabled-state-by-default-out-the-box","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-08-05T20:05:16.507Z","last_posted_at":"2025-08-06T16:51:54.600Z","bumped":true,"bumped_at":"2025-08-06T16:51:54.600Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nThe honey token threat detector should ideally be disabled by default out-the-box since it requires extra configuration. \nPlease describe your idea in detail. What …","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":14,"like_count":1,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":314,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Customizable Widget Dashboard for Threat Manager","fancy_title_localized":false,"locale":"en","id":109816,"title":"Customizable Widget Dashboard for Threat Manager","slug":"customizable-widget-dashboard-for-threat-manager","posts_count":1,"reply_count":0,"highest_post_number":1,"image_url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_1019x1024.jpeg","created_at":"2025-07-08T09:54:53.609Z","last_posted_at":"2025-07-08T09:54:53.688Z","bumped":true,"bumped_at":"2025-07-08T14:59:04.311Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nEnable users to customize their dashboards so that they get all the data they need as a glance. \nPlease describe your idea in detail. What is your problem, why do y…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":[{"max_width":null,"max_height":null,"width":1447,"height":1454,"url":"https://netwrix1.discourse-cdn.com/netwrix/original/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8.jpeg"},{"max_width":1024,"max_height":1024,"width":1019,"height":1024,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_1019x1024.jpeg"},{"max_width":800,"max_height":800,"width":796,"height":800,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_796x800.jpeg"},{"max_width":600,"max_height":600,"width":597,"height":600,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_597x600.jpeg"},{"max_width":400,"max_height":400,"width":398,"height":400,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_398x400.jpeg"},{"max_width":300,"max_height":300,"width":298,"height":300,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_298x300.jpeg"},{"max_width":200,"max_height":200,"width":199,"height":200,"url":"https://netwrix1.discourse-cdn.com/netwrix/optimized/2X/9/957c667238724fd86910ef6c0dbbb990ddd612e8_2_199x200.jpeg"}],"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":62,"like_count":2,"has_summary":false,"last_poster_username":"Ashleys","category_id":159,"op_like_count":2,"pinned_globally":false,"featured_link":null,"ai_topic_gist":null,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":"latest single","description":"Original Poster, Most Recent Poster","user_id":309,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"GPO Names clearly displayed in emailed reports","fancy_title_localized":false,"locale":"en","id":7446,"title":"GPO Names clearly displayed in emailed reports","slug":"gpo-names-clearly-displayed-in-emailed-reports","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T16:12:14.806Z","last_posted_at":"2025-05-16T19:27:29.279Z","bumped":true,"bumped_at":"2025-05-16T19:27:29.279Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nThe reports generated by GPO changes don’t display the GPO in their own column making it difficult to easily identify what GPO the change was executed against. \nPle…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":36,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Brandon requested GPO names be displayed in a dedicated column in reports for easier identification, and Kevin acknowledged the need to parse and expose this data separately.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Ability to create Custom Threats based on Policies that Feed Threat Manager","fancy_title_localized":false,"locale":"en","id":7408,"title":"Ability to create Custom Threats based on Policies that Feed Threat Manager","slug":"ability-to-create-custom-threats-based-on-policies-that-feed-threat-manager","posts_count":5,"reply_count":2,"highest_post_number":5,"image_url":null,"created_at":"2025-04-14T15:57:56.535Z","last_posted_at":"2025-04-16T20:54:50.622Z","bumped":true,"bumped_at":"2025-04-16T20:54:50.622Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nCreate Threats in Threat Manager by specifically referencing a policy in Threat Prevention \nPlease describe your idea in detail. What is your problem, why do you fe…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":198,"name":"ntp-reporting","slug":"ntp-reporting"},{"id":7,"name":"threat-manager","slug":"threat-manager"},{"id":8,"name":"threat-prevention","slug":"threat-prevention"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":53,"like_count":1,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Custom threats in Threat Manager currently can't be created when using Threat Prevention policies due to data source restrictions, but the team will review and likely address this in a future release.","expert_post_group_names":["pm_threat_prevention","pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Add bulk management of threats","fancy_title_localized":false,"locale":"en","id":7354,"title":"Add bulk management of threats","slug":"add-bulk-management-of-threats","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T13:16:34.564Z","last_posted_at":"2025-04-16T20:51:52.935Z","bumped":true,"bumped_at":"2025-04-16T20:51:52.935Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nWe’d like to be able to select multiple threats from the threat timeline to manage (close as false positives, assign to users, etc). \nPlease describe your idea in d…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":56,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The feature request for bulk management of threats, allowing users to select multiple threats via checkboxes for faster processing, has been acknowledged and is planned for a future release.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":481,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Add a health reporting page","fancy_title_localized":false,"locale":"en","id":7358,"title":"Add a health reporting page","slug":"add-a-health-reporting-page","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T13:27:49.021Z","last_posted_at":"2025-04-16T18:36:11.971Z","bumped":true,"bumped_at":"2025-04-16T18:36:11.971Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nThe Health Reporting page provides visibility into all updates related to product performance, stability, and operational status \nPlease describe your idea in detai…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":115,"name":"planned","slug":"planned"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"planned":"The idea has been accepted and is scheduled for future development."},"views":59,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The team confirms plans to implement a Health Reporting page for operational visibility, with future enhancements including automated remediation steps for issues.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Password guidelines","fancy_title_localized":false,"locale":"en","id":7370,"title":"Password guidelines","slug":"password-guidelines","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T13:45:32.579Z","last_posted_at":"2025-04-16T15:49:08.236Z","bumped":true,"bumped_at":"2025-04-16T15:49:08.236Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nIt would be very helpful to see the required password guidelines ahead of time when setting up the initial admin account after a fresh install of NTM. \nPlease descr…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":137,"name":"completed","slug":"completed"},{"id":159,"name":"ideas","slug":"ideas"},{"id":7,"name":"threat-manager","slug":"threat-manager"}],"tags_descriptions":{"completed":"The idea has been fully implemented and released."},"views":41,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"Development of the password guidelines feature has been completed and is currently being tested for release.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":481,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]},{"fancy_title":"Save Investigation Filters","fancy_title_localized":false,"locale":"en","id":7439,"title":"Save Investigation Filters","slug":"save-investigation-filters","posts_count":2,"reply_count":0,"highest_post_number":2,"image_url":null,"created_at":"2025-04-14T16:09:38.432Z","last_posted_at":"2025-04-16T15:46:30.578Z","bumped":true,"bumped_at":"2025-04-16T15:46:30.578Z","archetype":"regular","unseen":false,"pinned":false,"unpinned":null,"excerpt":"What is a one sentence summary of your feature request?\nability to save and resume various filters configured on the threats investigation dashboard. \nPlease describe your idea in detail. What is your problem, why do you…","visible":true,"closed":false,"archived":false,"bookmarked":null,"liked":null,"thumbnails":null,"tags":[{"id":159,"name":"ideas","slug":"ideas"},{"id":136,"name":"under-review","slug":"under-review"}],"tags_descriptions":{"under-review":"The product team is considering the idea, gathering feedback, or evaluating f..."},"views":36,"like_count":0,"has_summary":false,"last_poster_username":"kevin.joyce","category_id":159,"op_like_count":0,"pinned_globally":false,"featured_link":null,"ai_topic_gist":"The user requested the ability to save and reuse filter configurations on the threats investigation dashboard to avoid repetitive setup, and the team acknowledged the feedback, stating they will consider it during a future rewrite of the timeline page.","expert_post_group_names":["pm_threat_manager"],"first_expert_post_id":2,"has_accepted_answer":false,"vote_count":1,"can_vote":true,"user_voted":null,"posters":[{"extras":null,"description":"Original Poster","user_id":326,"primary_group_id":42,"flair_group_id":42},{"extras":"latest","description":"Most Recent Poster","user_id":97,"primary_group_id":42,"flair_group_id":42}]}]}}