Incident Management

Xcalibur W refers to a consolidated view of related alerts as an Incident.

An Incident is an event that starts with the first Alert received from a device. It defines the start date. The Incident stays open until no other alerts are received after the defined timeframe, and counts the number of alerts that occurred while open.

The Incident Management View lists all open and closed Incidents.

Incidents can be acknowledged by right-clicking and selecting Incident acknowledgement. When an Incident is acknowledged, all the attached alerts are automatically acknowledged as well.

Last modified: 2021/11/21 17:18