Incident Details page

Clicking on an incident on the Incidents page shows that incident's details in a separate page that summarizes the network resources affected by the incident, and shows any runbook output that will inform your assessment of the incident.

The Incident Details page shows the following for the incident:

  • Priority — This is assigned to the incident based on the results of the associated runbook analysis. This may change over the life of the incident if subsequent executions of the runbook produce different results.

  • Add to Watchlist — Click to include the incident in the Watchlist. Click again to remove the incident from the Watchlist.

  • Incident Type (e.g., Device Down, Interface Congestion) — This is determined by Alluvio IQ's analysis of the incident's corresponding detections.

  • Status pulldown — This shows the incident's current status; click to change.

  • Notes — Annotate the incident with useful text to keep with it.

  • Activity Log — This summarizes each action executed upon the incident.

  • Share — Copy this incident page's link to send it to another user.

  • Date information — This shows when the incident started and when it was most recently updated.

  • Impact Summary — This shows the number of Users, Locations, and Applications known to be affected by the incident.

  • Incident Sources — This shows the origin of the incident, most likely a device or a location.

  • Runbook Analysis Output — This shows the results of the most recent execution of the associated runbook.