2.2.21. INCIDENT REPORTS¶

INCIDENT REPORTS automatically analyze any malicious logs detected by devices as well as create detection reports.
INCIDENT REPORTS will upload to INCIDENT TICKET portlet.
You can receive notifications about INCIDENT REPORTS uploads via your registered email.

2.2.21.1. The Summary : INCIDENT REPORTS¶

The Summary of INCIDENT REPORTS allows you to view the latest five statuses and respective subjects.

Once you have clicked the red-boxed [ Reflesh ] button as below, the latest ticket will be re-read in.

2.2.21.2. Detail Screen : INCIDENT REPORTS¶

At the INCIDENT REPORTS detail screen, you can review INCIDENT REPORTS as well as download one.

Items	Overviews
( Search & Filtering )	You can search and according to the ID (an Incident ID) and the incident status.
( Navigation )	At the Incident Report screen, the maximum 15 incidents will be able to display for each page. At the time that more than fifteen incidents, a maximum limit, have occurred, the navigation button will display.
Status	Either [ Open ] or [ Closed ] will display as an incident status.
Subject	This describes the Subject Name
ID	This is the incident ID number being automatically assigned.
Zoom Button	By clicking Zoom Buttons, you can display the further details on an incident.
Creation Date	Updated Time & Date on each incident will display.

2.2.21.3. INCIDENT REPORTS Display¶

To view INCIDENT REPORTS , click the [ Zoom (viewing) ] button at the INCIDENT REPORTS detail screen.

The PDF file on セキュリティインシデントレポート has been attached.

Please refer to [ Sample : |report| ], for further details on the Report.

Note

You can not contact us from the following screen. Please contact us via issuing a Ticket of ECL2.0 Ticket System

2.2.21.4. INCIDENT REPORTS Notification¶

As a  result in Security Automatic Analysis, when INCIDENT REPORTS is created and uploaded to INCIDENT TICKETS , a notification email will be sent to your registered destination email address, automatically.
The notification email address has been set up upon [ Customer Profile ] screen.
Please refer to [ Security Incident Report Notifications settings.  ] , for more information.

Sample 1 : Notification Email

Subject [ Email Subject }	Attack Notification
From (Sender Email Address)	no-reply@jp.ivs.wideanglentt.com
Body (Email Text)	Dear Customer, This is NTT Communications Group Global Risk Operation Center (GROC). We have detected suspicious behavior(s) in your network and new ticket has been issued with below ticket ID. Ticket ID : [Ticket Number] Also, incident report of the behavior(s) is available in the ticket; please login to customer portal for further detail.

NOTE: Email Body of notification email may be changed without any advance notice.

Note

Important Notes : Notification Email

The sender address of notification email is [ no-reply@jp.ivs.wideanglentt.com ] . If you have set up the receiving and declining incoming emails by specifying certain email addresses and these domains, you need to verify the incoming email settings.
[ no-reply@jp.ivs.wideanglentt.com ] is dedicated just for a Source Email Address. NOTE: you can NOT reply to this source email address.

2.2.21.5. Sample : |INCIDENT REPORTS ¶

Incident Report Texts

Number	Items	Descriptions
1	Customer	Customer Name
2	Device	Device Name
3	Signature	Threat name
4	Severity	Describes how seriously the incident impacts on your utilizing ECL2.0.
5	Confidence	Detection accuracy
6	Reference	This is an incident ID being automatically assigned.
7	Time & Date	This shows Time & Date of the latest threat logs being reported.
8	Description	Description on the Relevant Severity
9	Recommendations & Actions	Recommended individual actions for various threats.
10	Access Patterns	Drawing threat access status
11	Details	Threat detail information

2.2.20. Log Analytics

2.2.22. Customer Profile