Create Incident Case elements

The Incident Case element stores the information related to the incident.

When you create an incident case, the Data Collection, Player List, and Journal tabs are visible. The History tab is at the bottom of the view with the General tab.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Monitoring.
  2. Right-click Incident Cases and select New Incident Case.
  3. Enter a unique Name, (optional) Comment, and (optional) Priority.
    • The priority you define is for your own categorization and does not affect the way the case is handled in the Secure SD-WAN Manager.
    • The State cannot be changed during the creation of the new incident case.
  4. Click OK.
    The new incident case opens for editing.

Incident Case Properties dialog box

Use this dialog box to define the properties for an Incident Case.

Option Definition
Name The name of the element.
Comment

(Optional)

A comment for your own reference.
State
  • Open — The incident case has been created, but investigation has not begun.
  • Under Investigation — The incident case is actively being investigated.
  • False Positive — Legitimate activity was incorrectly interpreted as suspicious. There is actually no incident.
  • Closed — The investigation is finished.
Priority

(Optional)

Adds a priority rating for your own reference.