13.12 Creating iTRAC Activities

  1. Access the Sentinel Control Center. For more information, see Step 1 in Section 13.2, Accessing the iTRAC Administration Tools.

  2. Click the iTRAC tab.

  3. In the toolbar, click iTRAC > Activity Manager.

  4. Select an existing activity, then click View/Edit.

    or

    Click the Add button to create a new activity.

  5. Use the following information to define the activity type:

    Type: Select the activity type you want to create:

    • Incident Command Activity

    • Incident Composite Activity

    • Incident Internal Activity

    Usage: The Usage field is populated with the type of activity you selected.

    Name: Specify a name for the activity

    Description: Specify a description for the activity.

  6. Configure the necessary settings for the type of activity you chose:

    Incident Command Activity: Use the following information to create the incident command activity:

    • Command: Specify the command the activity performs.

    • Arguments: Select the type of arguments for this command. The options are:

      • None

      • Incident Output

      • Custom

    Incident Composite Activity: Select one or more of the activities to create a composite activity. The options are:

    • CollectionActivity

    • EraditionaActivity

    • ContainmentActivity

    Incident Internal Activity: Configure the incident internal activity to e-mail the output to a specific address and attach the output to the incident associated with the workflow process.

    • Mail and Attach: Select whether you want to e-mail the vulnerability and Advisor data.

    • Mail Details: Specify the details of the e-mail that will be sent. You must define the To, From, and Subject fields.

  7. View and confirm the details you chose in the Summary page, then click Finish.