Incident Handling: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 17: | Line 17: | ||
# Communicate plan/next steps (even if that is gathering information) | # Communicate plan/next steps (even if that is gathering information) | ||
# Communicate findings/results of executed plan, go back to previous step if not resolved | # Communicate findings/results of executed plan, go back to previous step if not resolved | ||
# If there is no resolution to the incident, evaluate if the trigger needs updating/disabling | |||
# Get a review of your resolution/conclusion | |||
# Resolve incident | # Resolve incident | ||
Revision as of 07:16, 4 August 2023
Critical incidents
- Critical incidents are resolved within 16 hours.
Checklist
- Acknowledge on Zabbix and state who is responsible for resolving this in the description
- Determine affected clients
- Communicate to affected clients that the issue is being investigated
- Communicate plan/next steps (even if that is gathering information)
- Communicate findings/results of executed plan, go back to previous step if not resolved
- Resolve incident
Non-Critical incidents
- Non-critical incidents are acknowledged within 9 hours and resolved within one week.
Checklist
- Acknowledge on Zabbix and state who is responsible for resolving this in the description
- Communicate plan/next steps (even if that is gathering information)
- Communicate findings/results of executed plan, go back to previous step if not resolved
- If there is no resolution to the incident, evaluate if the trigger needs updating/disabling
- Get a review of your resolution/conclusion
- Resolve incident
Informational incidents
- Informational incidents are acknowledged within 72 hours
Checklist
- Acknowledge on Zabbix
- Sanity check the event, post result in thread
- If action needed, perform action