Adding and Editing an Incident
Scenario
This section describes how to add or edit an incident.
Adding an Incident
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose .
- On the Incidents page, click Add. On the displayed Add page, set parameters as described in Table 1.
Table 1 Parameters for adding an incident Parameter
Description
Basic Information
Incident Name
Custom incident name. The value must contain:
- Only uppercase letters, lowercase letters, digits, and the special characters: -_ ()
- A maximum of 255 characters
Type
Incident type
(Optional) Service ID
Enter the service ID corresponding to the incident.
Incident Severity
Select a severity level.
Status
Select an incident status.
(Optional) Owner
Primary owner of the incident.
Data Source Product Name
Select the name of the data source product.
Data Source Type
Select the type of the data source. For example, if the data source is a cloud service, select the cloud service.
Timeline
First Occurrence Time
Time when the incident occurred first time.
(Optional) Last Occurrence Time
Time when the incident occurred last time.
(Optional) Planned Closure Time
Time to close the incident.
Other
(Optional) Verification Status
Verification status of the incident to identify the accuracy of the incident.
(Optional) Stage
Incident phase.
- Preparation: Prepare resources to process incidents.
- Detection and analysis: Detect and analyze the cause of an incident.
- Containment, extradition, and recovery: Handle an incident.
- Post Incident Activity: Follow-up activities.
(Optional) Debugging data
Whether to enable simulated debugging
(Optional) Labels
Label of the incident.
Description
Incident description. The value can contain:
- Only uppercase letters, lowercase letters, digits, and the special characters: -_ ()
- A maximum of 1,024 characters.
- Click OK. The incident is created.
Editing an Incident
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 2 Workspace management page
- In the navigation pane on the left, choose .
- In the incident list, locate the row that contains the target incident and click Edit in the Operation column.
- On the Edit page that is displayed, edit incident parameters.
Table 2 Parameters for editing an incident Parameter
Description
Basic Information
Incident Name
Custom incident name. The value must contain:
- Only uppercase letters, lowercase letters, digits, and the special characters: -_ ()
- A maximum of 255 characters
Incident Type
Incident type
(Optional) Service ID
Enter the service ID corresponding to the incident.
Incident Level
Select a severity level.
Status
Select an incident status.
(Optional) Owner
Primary owner of the incident.
Data Source Name
Name of the data source, which cannot be changed
Data Source Type
Type of the data source, which cannot be changed
Timeline
First Occurrence Time
Time when the incident occurred first time.
(Optional) Last Occurrence Time
Time when the incident occurred last time.
(Optional) Planned Closure Time
Time to close the incident.
Other
(Optional) Verification Status
Verification status of the incident to identify the accuracy of the incident.
(Optional) Phase
Incident phase.
- Preparation: Prepare resources to process incidents.
- Detection and analysis: Detect and analyze the cause of an incident.
- Contain, extradition, and recovery: Handle an incident.
- Post Incident Activity: Follow-up activities.
(Optional) Debugging data
Whether to enable simulated debugging. This parameter cannot be modified once configured.
(Optional) Label
Label of the incident.
Description
Incident description. The value can contain:
- Only uppercase letters, lowercase letters, digits, and the special characters: -_ ()
- A maximum of 1,024 characters.
- Click OK. The incident editing is complete.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.