5.2 Introduction to User Interface

In the Incidents tab, you see the Display Incident View, Create Incident, and Attachment Viewer Configuration.

You can navigate to these functions from different places:

Table 5-1 Table 4‑1: Incident Tab User Interface

User Interface

Description

The Incident menu in the menu bar

The Navigation Tree in the Navigation pane

The toolbar buttons

5.2.1 Incident View

In the Incident View Manager, you can view the list of incidents and the parameters you specified when adding an incident.

To open the Incident View Manager:

  1. Click Incidents on the menu bar and select Display Incident Views or click the Display Incident View button in the toolbar

5.2.2 Incident

When you add or edit an incident, you see the tabs listed where you can perform the incident-related activities. As you investigate and remediate an incident, additional information can be added to these tabs. Except for Events and History, entering information on the tabs is optional.

Double click on the incident name or right-click and select modify to add/edit an incident.

Figure 5-1 Add/Edit Incident

  • Events: Lists events attached to this incident. You can attach events to incidents in an Active View.

  • Assets: Lists assets affected by the events of this incident.

  • Vulnerability: Lists asset vulnerabilities.

  • Advisor: Displays asset attack and alert information.

  • iTRAC: Allows you to add a workflow to an incident from the iTRAC tab.

  • History: Lists activities performed on the current incident.

  • Attachments: Allows you to add an attachment to the incident created in the system.

  • Notes: Allows you to add notes to the incident.