Incident Management: Remediation View

Document created by RSA Information Design and Development on May 10, 2016
Version 1Show Document
  • View in full screen mode
 
  

In the Remediation view, you can manage and track the remediation tasks, and do the following:

  • Send a remediation task as a Helpdesk ticket where it can be managed in a third party helpdesk system and tracked to closure.
  • Send a remediation task to RSA Archer so that it is tracked by the RSA Security Operations Management solution.

These two options are available if these integration settings are configured in the Integration Settings.

To access the Remediation Tasks view, in the Security Analytics menu, select Incidents > Remediation. The Remediation Tasks view is displayed. It is a list of all remediation tasks.

RemTasks.png

Features

The Remediation Tasks view consists of two panels and a toolbar.

The options panel, on the left, has parameters that can be used to filter the remediation tasks.

                                                
ParameterDescription
TIME RANGESelect a time range to view remediation tasks created in the selected time range.
For example:
  • Select Last 24 Hours to view remediation tasks created in the last 24 hours.
  • Select All Data to view remediation tasks created from the time the host was installed. 
  • Select Custom and provide a date range to view remediation tasks created in that time frame.
PRIORITYIndicates the number of remediation tasks depending on their priorities.
For example: Critical (2) indicates there are 2 remediation tasks having priority set to Critical.
Selecting one of the displayed options filters the remediation tasks and displays only the remediation tasks of the priority selected.
For example: If you select Critical (2), the Remediation Tasks panel displays only the 2 remediation tasks with a priority set to Critical.
STATUSIndicates the number of remediation tasks belonging to a particular status.
For example: Assigned (5) indicates there are 5 remediation tasks in the Assigned state.
Selecting one of the displayed options filters the remediation tasks and displays only the tasks belonging to the selected status.
For example: If you select Assigned (5), the Remediation Tasks panel displays only the 5 tasks that belong to the Assigned state.
TYPEIndicates the number of remediation tasks categorized by their type.
For example: Quarantine host (2) indicates there are 2 tasks of the type Quarantine host.
Selecting one of the displayed options filters the tasks and displays only the tasks of the selected type.
For example: If you select Quarantine host (2), the Remediation Tasks panel displays only the 2 incidents that are of the type Quarantine host.
TARGET QUEUEIndicates the remediation tasks categorized depending on the Assignment queue. For example: Operations (5) indicates there are 5 incidents that have remediation tasks with the assignment queue for Operations.
Selecting one of the displayed options filters the tasks and displays only the tasks depending on what is chosen.
For example: If you select Operations (5), the Remediation Tasks panel displays only the 5 tasks that are in the assignment queue for Operations.
CREATED BYIndicates the remediation tasks categorized depending on who created the tasks.
For example: Admin (3) indicates there are 3 remediation tasks created by the Admin.
Selecting one of the displayed options filters the tasks and displays only the tasks depending on what is chosen.
For example: If you select Admin (3), the Remediation Tasks panel displays only the 3 tasks that are created by the Admin.
ASSIGNEEIndicates the remediation tasks categorized depending on who it is assigned to.
For example: <user1> (3) indicates there are 3 remediation tasks assigned to user1.
Selecting one of the displayed options filters the tasks and displays only the tasks depending on what is chosen.
For example: If you select <user1> (3), the Remediation Tasks panel displays only the 3 tasks that are assigned to user1.
ESCALATEDIndicates the remediation tasks that are escalated.
reset_selection_button.png Resets filter options to default values

The Remediation Tasks panel has a list of remediation tasks and their details.

                                                            
ParameterDescription
Date CreatedDisplays the date when the remediation task was created.
PriorityDisplays the priority assigned to the remediation task. The priority can be any of the following: Critical, High, Medium, or Low.
IDDisplays the remediation task ID.
NameDisplays the remediation task name.
AssigneeDisplays the name of the user to whom the remediation task is assigned to.
StatusDisplays the status of the remediation task. For example, New, In Progress, Remediated.
Last UpdatedDisplays the date and time when the remediation task was last updated.
Days OpenDisplays the number of days the remediation task has been open.
Incident IDDisplays the Incident ID of the incident to which the remediation task is created for.
Created ByDisplays the user who created the remediation task.
Escalated?Displays whether the remediation task has been escalated.
Linked TicketDisplays the whether the remediation task was sent as a help desk ticket or to any other third party solution.

Toolbar

This table lists the operations that can be performed in the Remediation Tasks view.

                            
ParameterDescription
rem_task_delete.png Allows you to delete remediation task(s).
rem_task_edit.png Allows you to modify the remediation task.
push_to_helpdesk.png Allows you to send the remediation task to Help Desk.
push_to_archer.png Allows you to send the remediation task to RSA Archer.
You are here: Incident Management Reference Information > Incident Management: Remediation View

Attachments

    Outcomes