Navigating the Incidents Tab
Use this reference guide to find out what each item in the Incidents tab is, then follow the links to learn more about a feature.
Incident Tab
The Incidents tab provides a centralized place to manage your BigPanda incidents.
Item | Description | Related Links |
|---|---|---|
Left Pane | Lists the Environments and folders that you can use to filter the incident feed. | |
Incident Feed | Provides a consolidated view of related incidents. You can filter the incident feed by searching or by selecting an Environment and a folder. | |
Incident Details | Shows detailed information about the incident selected in the incident feed. You can view details of the related alerts, view the incident life cycle on a timeline, and more. |
Incident Feed
Item | Description | Related Links |
|---|---|---|
Filter | Shows the Environment and folder by which the feed is filtered and the number of incidents that match the filter. | |
Star | Indicates whether the Environment is starred and allows you to add it to or remove it from your list of starred Environments. | |
Search | Allows you to filter the incident feed by searching for specific values within the incidents. | |
Incident List Item | Shows basic information about an individual incident in the feed. |
Incident List Item
Item | Description | Related Links |
|---|---|---|
Status Indicator | Displays a colored ribbon on the left to indicate the incident status, which is determined by the most severe status of the related alerts. | |
No. of Active Alerts | Counts the number of related alerts that are in the Critical or Warning state. | |
System | Shows the type of monitoring tool (such as Nagios or Zabbix) and the integration name (such as Production) that the alerts came from. | |
Last Change | Calculates the amount of time since the last change to the incident. This calculation includes status changes on related alerts and the addition of new alerts to the incident. You can point to it to see the exact time of the last change. | |
Main Title | Shows why the alerts are correlated into an incident. | |
Subtitle | Summarizes the subjects (such as hosts or applications) that are part of the incident. | |
Incident Actions | Provides access to the available actions for an incident, such as Resolve, Snooze, Comment, Merge and Share. |
Incident Actions
Item | Description | Related Links |
|---|---|---|
Merge | Allows you to add the alerts in source incidents to a destination incident to be handled as one, singular incident. | |
Resolve Incident | Allows you to manually resolve an active incident. | |
Snooze Incident | Allows you to remove a low priority incident from the active folder for a set period of time. | |
Comments | Allows you to view and add comments for an incident. Shows the number of existing comments, if applicable. | |
Share | Allows you to manually share an individual incident. | |
No. of Existing Shares | Shows the number of times the incident has been shared manually and by an AutoShare rule. Click the icon to see the sharing history and subscribers. |
Incident Details
Item | Description | Related Links |
|---|---|---|
Status Indicator | Displays a colored ribbon on the left to indicate the incident status, which is determined by the most severe status of the related alerts. | |
Main Title | Shows why the alerts are correlated into an incident. | |
Subtitle | Summarizes the subjects (such as hosts or applications) that are part of the incident. | |
Incident Actions | Provides access to the available actions for an incident, such as Resolve, Snooze, Merge, Comment, and Share**. | |
Alerts Tab | Shows information about each of the alerts that the incident contains. Click any row to view current details for the alert. | |
Activity Feed Tab | Shows what has happened to the incident from when it was created until the current time, sorted with the most recent event on top. | |
Timeline | Allows you to visualize the life cycle of an incident on a timeline, which helps you understand how the incident has unfolded. |
Alerts Tab
Item | Description | Related Links |
|---|---|---|
No. Of Active Alerts | Counts the number of related alerts that are in the Critical or Warning state. | |
Split | Multiple incident alerts can be split off and handled as a new incident. | |
System | Shows the type of monitoring tool (such as Nagios or Zabbix) and the integration name (such as Production) that the alerts came from. | |
Status Indicator | Displays a colored dot on the left to indicate the current status of a related alert. | |
Alert Data | Displays the data for each related alert in a table. The column headers show the tag names and the rows show the tag values. You can drag the center divider to resize the incident feed, and columns are added, removed, or resized dynamically as space allows. | |
Link | Displays a clickable link icon if the alert contains any links to more information, such as runbooks or time-series metrics. | |
Duration | Shows the amount of time since the first event for each alert. | |
Last Change | Shows the time of the last status change for each alert. |
Activity Feed Tab
Item | Description | Related Links |
|---|---|---|
Comment Field | Allows you to comment on the incident. Comments are added as events in the activity feed. | |
Event Indicator | Displays an icon beside each item in the event list to indicate the type of event. | |
Username | Shows the user who made the update, if applicable. | |
Event Time | Shows the exact time the event occurred. | |
Event Type | Shows the type of event that occurred. | |
Event Details | Shows more information about the event, depending on the event type. For example: | Viewing Incident and Alert Details |
Day Separator | Indicates the day the preceding events occurred, if the list of events spans more than one calendar day. Because the event list is sorted with the most recent event on top, the day separator appears below the events that occurred on a given day. |
Timeline
Item | Description | Related Links |
|---|---|---|
Incident Status | Displays a colored ribbon on the left to indicate the incident status, which is determined by the most severe status of the related alerts. | |
Main Title | Shows why the alerts are correlated into an incident. | |
Subtitle | Summarizes the subjects (such as hosts or applications) that are part of the incident. | |
No. of Alerts | Counts the total number of alerts that the incident contains, regardless of the current status of the alerts. | |
System | Shows the type of monitoring tool (such as Nagios or Zabbix) and the integration name (such as Production) that the alerts came from. | |
Timeline | Shows the history of status changes for every alert that the incident contains. Each row represents the history for an individual alert. | |
Status Change | Displays a colored dot that represents a status change for the related alert. Click a dot to view the alert details at the time of the status change. Then, click the arrows to step through the details of every status change for the alert. | |
Last Change | Calculates the amount of time since the last change to the incident. This calculation includes status changes on related alerts and the addition of new alerts to the incident. | |
Alert List | Lists basic information about each alert that the incident contains, including a colored dot on the left to indicate the current status of the alert. | |
Current Statuses | Counts the number of related alerts that are in each of the current states: Critical, Warning, Ok (resolved), and Ack (acknowledged or maintenance). | |
Incident Start Time | Shows the time when the earliest alert was received. | |
Incident End or Current Time | Shows the time when the incident was resolved (incident end time) or the current time if the incident is still active. |
Updated about 2 years ago