Skip to main content

Respond

Response

After you create an incident, you can view different phases associated with the incident in the Response tab in the New Layout. Each phase includes specific fields that must be updated to move to the next phase, and eventually close the incident. An incident workflow is automatically assigned to an incident based on the workflow mapping configured by your administrator. For more information, see Configure Incident Workflows

Note

The phases and their associated fields in the incident may differ based on the configurations made by your administrator.

Steps

To update the details in the Response tab of the New Layout, follow these steps:

  1. Go to Menu > Incidents.

  2. Select an incident and navigate to the Response tab.

    You can view the following details in the Response tab:

    • Phase flow type: Hover over flow-type.png to view the incident phase flow type. There are two types of phase flows:

      • Linear Flow: In this flow, you must complete the phases in the sequence configured by your administrator.

      • Non-linear Flow: In this flow, you have the flexibility to move to any phase.

    • Current Phase: Displays the current phase of the incident.

    • Total Time Spent: Displays the total time spent on the incident response, from the opening to the closing of the incident.

    • Phase Timeline: Displays phase-wise progress of the incident response and the time spent on each phase. A green check mark on a phase indicates that the phase is completed. A blinker on a phase indicates the current phase of the incident. You can turn on the View Logs toggle to view the activity logs.

    • Phase fields: When you click Expand all phases, all the phases are expanded, and you can view the fields required to complete the phase.

    • Change Phase: In the New Layout, to change a phase and add details, you can move to the required phase and edit its fields directly, without needing extra clicks. This makes changing and updating incident phases quick and seamless. Click Collapse all phases to collapse all the phases of the incident.

      Note

      This enhancement is available in Respond v3.4.7.5 onwards.

    • Actions to be Closed: Displays the number of actions that must be closed in a phase.

      Note

      You can close the incident only after the mandatory fields are filled and the associated actions are closed in all the phases. For more information, see Close Incident.