Before you can test or run a process, you must establish at least 1 event class and type to create the drop down menu associated with the function "START/TEST PROCESS".
WHY? This allows strake/IR to classify each unique event that is entered into the system for future analysis and audit by type, as established by you. If you are using strake/IR for a variety of event types, here is a sampling below.
If you are maintaining only cyber response within the system, you may want to become more granular and create a class for each type of attack and event types become more specific over time as you are able to classify more.
Event class and type are tied to your initial responders, who can be assigned specific events to be notified of.
Step 1: In the Build Menu, click on
Step 2: From the top of the form, click CREATE NEW EVENT CLASS
Fill out the form that appears:
Name and Description of the Event Class
Escalation Duration: Select any duration from the drop down menu (Functionality and notifications are under construction)
Resolve Duration: Select any duration from the drop down menu (Functionality and notifications are under construction)
Step 3: Click ‘Save’
Step 4: Click ‘OK’
Step 5: To create event types, at the top of the form, click
Fill in the form that appears:
Name of Event Type, with detailed description.
Event Class that the type is associated with through the drop down.
Escalation Duration: Select from the drop down menu - this duration will appear when a team leader receives a notification to address a new 'event' that has been reported to his/her team.
Resolve Duration: Select from the drop down menu (Functionality and notifications are under construction)
Step 6: Click ‘Save’
Step 7: Click ‘OK’
Your Event Classes and Types will appear in table style under Event Configuration.
EDIT EVENT CLASS/TYPE
To edit an Event Class, use the button and a form will appear with all available Event Classes to choose from. Select the event class you wish to edit and the associated form will appear. Modify as you desire.
To edit an Event Type, double click on the name of the event type, and the form will appear for modification.
Comments