2 In the Create Incident dialog box, provide the following information:
Title
State
Severity
Priority
Category
Responsible
Description
Resolution
3 Click Create. The incident is added to the Incidents page of the Sentinel Control Center.
To do this, you must have user permission to create incidents.
13.3 iTRAC
This section gives and idea relevant to iTRAC.
Section 13.3.1, "Instantiating a Process," on page 298
13.3.1 Instantiating a Process
An iTRAC process can be instantiated on the iTRAC server by using one of the following methods
to associate an iTRAC process to an incident:
Associating an iTRAC process to the incident at the time of incident creation
Associating an iTRAC process to the incident after the incident is created
Associating an iTRAC process to an incident as an action when deploying a correlation rule
For more information on associating a process to an incident, see
page 83
and
NOTE: If you want to perform all of the iTRAC scenarios, you must go through them in the order
they are presented.
"Example Scenario: Creating a Simple Two-Tiered iTRAC Process for a Possible Network
Attack" on page 298
"Example Scenario: Running an iTRAC Process for a Possible Network Attack" on page 305
Example Scenario: Creating a Simple Two-Tiered iTRAC Process for a Possible
Network Attack
This process is a series of steps that you can take if there is a possible attack on your system.
298 Sentinel 6.1 Rapid Deployment User Guide
Chapter 5, "Incidents Tab," on page
Chapter 4, "Correlation Tab," on
109.