100% of the Console Alerts appear to be auto assigned to one user.

• EDR Servers: Version 7.6.x

A user requested all (thousands) of Unresolved alerts to be marked as Resolved. The process is conducted in batches. If the process takes several batches to mark all the alerts, it can take a while to complete. During that time, any incoming alerts are added to the request until the last batch is processed.

None. The 100% assigned to one user may be misleading because the new alerts are unassigned, which does not have a category. After the Resolved alerts are marked and the batch processing is complete, any new alerts are unassigned. The dashboard may continue to report the user has 100% alerts assigned, but the category for unassigned alerts is not listed. Only by comparing the totals belonging to the user, resolved and unresolved can you determine the new alerts unassigned.