Incident management
The system monitoring process needs to follow up the incidents
arising in the system besides receiving and processing the data to be
monitored in each time interval
Pandora uses a tool called Incident Manager for this task, where
each user can open an incident, where a description of what happened
in the network is shown. This can be completed with comments and files
when necessary.
This system is designed for group work. Different roles and
workflow systems permit to move incidents from one group to another.
The system allows different groups and different users to work on
the same incident, sharing information and files.
Clicking on "Manage Incidents", in the Operation menu, a list
showing all the incidents is displayed, ordered by the date-time they
were last updated. Filters can be applied to display only those
incidents the user is interested on.
![]()
The filters that can be applied are:
Incident status filter.
The user can display:
- All incidents
- Active incidents
- Closed incidents
- Rejected incidents
- Expired incidents
Property filter.
The incidents are shown by:
- All priorities
- Informative priority
- Low priority
- Medium priority
- High priority
- Very high priority
- Maintenance
Group filter.
It can be selected to display just the
incidents of a given Pandora group.
The incident list is displayed showing information in the following columns:
ID: ID of the incident.
Status: The incident status is represented by the following
icons:
![]()
Active incident
![]()
Active incident
with comments
![]()
Rejected incident
![]()
Closed incident
![]()
Expired incident
Incident name: Name given to the incident
Priority: The incident assigned priority is represented
by the following icons:
![]()
![]()
![]()
Very high priority
![]()
![]()
![]()
High priority
![]()
![]()
![]()
Medium priority
![]()
![]()
![]()
Low priority
![]()
![]()
![]()
Informative priority
![]()
![]()
![]()
Maintenance priority
Group: The name of the group the incident has been assigned
to. One incident can only belong to a single group.
Updated at: This is the date/time the incident was updated
for the last time.
Source: The source of the incident. The source is selected
from a list stored
in the data base. This list can only be modified by the database base
administrator.
Owner: User to whom the incident has been assigned to.
It doesn't coinced
with the creator of the incident, as the incident may have been moved
from one user to another. The incident can be assigned to another user
by its owner, or by a user with management privileges over the group
the incidents belong to.
Adding an incident
The creation of incidents is performed by clicking on
"Manage Incidents" > "New incident", in the Operation menu
![]()
The "Create Incident" form will come up, containing the necessary
fields to define the incident. The process is completed by clicking
on the "Create" button.
Incident follow up
All the open incidents can be followed up. The tool is reached by
clicking on the "Manage Incidents" option, in the Operation menu.
The indicent is selected by clicking on its name in the
"Incident name" column.
The screen coming up shows us the configuration variables of
the incident, its comments and attached files.
The first part of the screen contains the Incident configuration.
![]()
From this form the following values can be updated:
Incident name
Incident owner
Incident status
Incident source
Group the indicent will belong to
Indicent priority
The indicent is updated by clicking on the "Update incident" button.
Adding comments to an incident
Comments about the incident can added clicking on "Add note". This will open up a screen with a text box in it.
![]()
The comment is written in this box. The Comment will appear in the "Notes attached to incident" section after the button "Add" is pressed.
![]()
Only users with writting privilieges can add a comment, and only the owners of the incident or of the notes can delete them.
Attaching files to an incident
Sometimes it is necessary to link an incident with an image, a configuration file, or any kind of file.
The files are attached in the "Attach file" section. Here the file can be searched for in the local machine and attached when the "Upload" button is pressed.
Only a user with writing privileges can attach a file, and only the owner of the incident or of the file can delete it.
![]()
The incident follow up screen shows all the files attached to the incident in the "Attached files" section of the screen.
![]()
Searching for an incident
A specific incident can be found amongst the
incidents created in Pandora by either using a filter _ as explained in the
first section of this chapter - or by making a query using the "Manage Incidents">"Searh Incident" tool, in the Operation menu.
![]()
Any text string included as a sub-string in the
incident can be searched for using this tool. This search engine looks for the
string in the Incident title as well as in the text contained by the incident.
The search engine will not search neither the Comments added to the agent nor
the attached files. The search can be performed in addition to group, priority
or status filters.
Statistics
The incident statisticts are shown in the "Manage Incidents">"Statistics" option of the Operation menu. They can be of five different types:
Incident status
Incident priority
Users with the incident opened
Incidents by group
Incident source
![]()
![]()
![]()