Incident Details page
Clicking on an incident on the Incidents page shows that incident's details in a separate page that summarizes the network resources affected by the incident, including the incident's primary indicator and any correlated indicators, as well as analysis resulting from the runbook associated with the incident type.
The Incident Details page shows the following for the incident:
-
Priority — This is assigned to the incident based on the results of the associated runbook analysis. This may change over the life of the incident if subsequent executions of the runbook produce different results.
-
Add to Watchlist — Click to include the incident in the Watchlist. Click again to remove the incident from the Watchlist.
-
Incident Type (e.g., Device Down, Interface Congestion) — This is determined by Riverbed IQ's analysis of the incident's corresponding detections.
-
Status pulldown — This shows the incident's current status; click to change.
-
Notes — Annotate the incident with useful text to keep with it.
-
Activity Log — This summarizes each action executed upon the incident.
-
Share — Copy this incident page's link to send it to another user.
-
Date information — This shows when the incident started and when it was most recently updated.
-
Impact Summary — This shows the number of Users, Locations, and Applications known to be affected by the incident, as well as Prioritization Factors, which summarize why Riverbed IQ assigns the incident the priority that it does.
-
Incident Sources — This shows the incident's primary indicator and any correlated indicators.
-
Runbook Analysis Output — This shows the results of the most recent execution of the incident's associated runbook.