2.1.19. INCIDENT REPORTS

INCIDENT REPORTS automatically analyze any malicious logs detected by devices as well as create detection reports.
Security Incident Report will upload to INCIDENT REPORTS portlet.
You can receive notifications about Security Incident Report uploads via your registered email.

2.1.19.1. The Summary : INCIDENT REPORTS

The Summary of INCIDENT REPORTS allows you to view the latest five statuses and respective subjects.
Once you have clicked the red-boxed [ Reflesh ] button as below, the latest ticket will be re-read in.
Summary

2.1.19.2. Detail Screen : INCIDENT REPORTS

At the INCIDENT REPORTS detail screen, you can review Security Incident Report as well as download one.
Detail Screen

Items

Overview

( Search & Filtering )

You can search and according to the ID (an Incident ID) and the incident status.

( Navigation )

At the Incident Report screen, the maximum 15 incidents will be able to display for each page. At the time that more than fifteen incidents, a maximum limit, have occurred, the navigation button will display.

Status

Either [ Open ] or [ Closed ] will display as an incident status.

Subject

This describes the Subject Name

ID

This is the incident ID number being automatically assigned.

Zoom Button

By clicking Zoom Buttons, you can display the further details on an incident.

Creation Date

Updated Time & Date on each incident will display.


2.1.19.3. INCIDENT REPORTS Display

To view Security Incident Report , click the [ Zoom (viewing) ] button at the INCIDENT REPORTS detail screen.
閲覧ボタン

The PDF file on Security Incident Report has been attached.
確認画面
Please refer to [ Sample : |report| ], for further details on the Report.

Note

You can not contact us from the following screen. Please contact us via issuing a Ticket of ECL2.0 Ticket System


2.1.19.4. INCIDENT REPORTS Notification

As a result in Security Automatic Analysis, when Security Incident Report is created and uploaded to INCIDENT REPORTS , a notification email will be sent to your registered destination email address, automatically.
The notification email address has been set up upon [ Customer Profile ] screen.
Please refer to [ How to Set up Security Incident Report Notifications. ] , for more information.

Sample 1 : Notification Email

Subject [ Email Subject }

Attack Notification

From (Sender Email Address)

no-reply@jp.ivs.wideanglentt.com

Body (Email Text)

Dear Customer,

This is NTT Communications Group Global Risk Operation Center (GROC).
We have detected suspicious behavior(s) in your network and new ticket has been issued with below ticket ID.

Ticket ID : [Ticket Number]

Also, incident report of the behavior(s) is available in the ticket; please login to customer portal for further detail.
NOTE: Email Body of notification email may be changed without any advance notice.

Note

Important Notes : Notification Email

  • The sender address of notification email is [ no-reply@jp.ivs.wideanglentt.com ] . If you have set up the receiving and declining incoming emails by specifying certain email addresses and these domains, you need to verify the incoming email settings.

  • [ no-reply@jp.ivs.wideanglentt.com ] is dedicated just for a Source Email Address. NOTE: you can NOT reply to this source email address.


2.1.19.5. Sample 2 : |report|

確認画面

Contents on Incident Reports

Number

Items

Description

1 Customer

Customer Name

2 Device

Name of The Divice

3 Reference

This is an incident ID being automatically assigned.

4 Severity

Degree of Severity

5

Time & Date

This shows Time & Date of the latest threat log to be reported.

6 Description

Description on the Relevant Severity

7

Recommendations & Actions

This explains respective recommended measures and actions for various threats.

8 Access Patterns

Drawing threat access status

9 Details

Threat detail information