Security | Anomaly Details
Provides detailed analysis of security anomalies, including user activity patterns and security implications.
Required Editions
| Available in: Lightning Experience |
| Available in: Enterprise, Performance, Unlimited, and Developer Editions with the Security Center add-on and Foundations or Agentforce 1 Editions. |
| User Permissions Needed | |
|---|---|
| To view Security Center pages: | View Security Center |
| To create and edit security policies: | Manage Security Center |
| See Common User Access for Standard Agent Actions. | |
Action Details
| API Name | AnomalyDetails |
| Reference Action Type | Standard Action |
| Does this tool run one or more prompt templates? | Yes |
| Required setup | Turn on Security Center and Security Agent with View Security Center or Manage Security Center user permission. |
AnomalyDetails and Prompt Templates
This tool runs the Anomaly Details prompt template. The prompt template acts as a security analyst building on previous anomaly detection results. It provides a comprehensive analysis covering:
- Alert summary and security explanation
- Specific users or entities involved
- Historical activity patterns
- Potential security risks
- Context for why the alert was triggered
Guidelines and Considerations
AnomalyDetails provides
deeper context about specific anomalies including user behavior patterns.
AnomalyDetailsbuilds on results from theIdentifyAnomaliestool and should be called after identifying anomalies.- Differentiates between Security Center alerts and Threat Detection events with tailored analysis.
- Includes Event Monitoring data for users who triggered alerts.
- Delivers actionable, specific output that avoids generic recommendations.
Did this article solve your issue?
Let us know so we can improve!
