Events

flare continuously monitor for events containing information relevant to the identifiers you create these events can be viewed in the tenant feed within the https //app flare io/#/events of flare every time you visit the tenant feed, the side panel presents a summary of the data we've collected for the feed you're viewing (if you are on the main https //app flare io/#/events , it will be a summary of data collected for all your identifiers) tenant feed event actions in the top right corner of each event card there are buttons for various actions, including "mark as this event as remediated", "ignore this event", "edit event", and "add event to report" event card with the show filter under the search bar you are able to filter the current feed to show all events that have been marked as remediated , ignored , have had their score edited (labelled edited score ), or have had no changes made to them (labelled as normal ) mark as remediated if you've taken action to address a specific event, you can mark the event as remediated so that it is hidden from the feed you can always restore visibility of remediated events by choosing the remediated option from the show filter below flare's search bar remediate event ignoring events the ignore this event option allows you to exclude the event from your feeds you can always restore visibility of ignored events by choosing the ignored option from the show filter below flare's search bar ignore event an event previously remediated or ignored will not reappear afterwards in your the event feed in most cases, unless a difference in its content is detected there are particular behaviors when remediating and ignoring certain event types, as broken down below leaked credentials events when you remediate a leaked credential event in the feed or a credential item in the credentials browser future instances of the same credentials pair will appear remediated in both places as well they will be filtered out of the default view of the tenant feed and the credentials browser the severity level of a remediated leaked credential event that reappears will be lowered when you ignore a leaked credential event in the feed or a credential item in the credentials browser future credentials related to the same email/username will be ignored as well, both in the tenant feed and the credentials browser infected devices (stealer logs) when you see an old matched stealer log reappear, it could be for any of the following reasons a new source has posted (recycled) the original stealer log a change was detected in the content of the stealer log which treats the discovery as a new event open web when you see github events reappearing, it is due to changes within the github repository we are querying the entire page again which includes the changes and the parts that remained the same this leads to other parts of the repository changing and the section including your identifier to remain the same and appear again in the case of github, you can utilize ignore term https //docs flare io/policies to ignore certain github authors and projects adjust severity, tags, and notes of event the adjust this event option lets you quickly reassign the severity, add tags and notes to the event adjust event add to report you can also add a specific event to a report for more details about reports, see the reports section of our documentation add event to report export events if needed, you can also export your event result by clicking on the ‘export events’ button export events the basic export includes the all metadata and a content preview exporting the full content of events greatly increases the size of the export related articles