Manage the Incidents list
The Incidents page displays a list of all the incidents in your system. You can use this screen to monitor the incidents across your organization, prioritizing which incidents require your attention based on their age, severity, status, or impacted services. If you experience a flood of incidents, you can also quickly reject the duplicate incidents by doing a bulk update of their status.
From this page, you can drill through to view a detailed timeline of how an incident is progressing, to engage resolvers to collaborate in real time, and to update the incident's details. For resolved incidents, Advanced plan customers can clearly see the status of any Post-Incident reports that have been created at a glance. Clicking the status links you to the report screen, so you can quickly review the information, make edits, or export it.
The following sections describe the actions you can perform on the Incidents page:
In the side navigation menu, click Incidents.
If you don't have permission to access and manage incidents in xMatters, the Incidents option does not appear in the navigation menu.
To more easily view data in the list, do one or more of the following:
- To sort the content of a column in alphabetical or chronological order, click the column header. (Click the header again to reverse the sort order.)
- To change the width of a column, move the pointer over the edge of the column and when the re-size icon appears, click and drag the column to the desired size.
- To rearrange the columns, click and drag a column header to a new location on the table.
- If the list contains more entries or columns than can be displayed on your screen, scroll horizontally or vertically. The system automatically loads more data as you scroll down the page.
- To include or exclude columns, click the Columns drop-down menu and select or clear the columns that are included. When you've hidden a column and want to see it again, it is added as the last column of the table.
The Incidents list includes the following columns:
|Severity||The severity assigned to the incident. Values include: Minimal, Low, Medium, High, and Critical.|
|The status assigned to the incident. Values include: Detected, In Progress, Mitigated, Resolved, and Rejected.|
|Incident||The incident's summary and description.|
|Created||The date and time the incident was initiated in xMatters.|
|Incident Commander||The user assigned as the Incident Commander.|
The incident's identifier in xMatters or an external system. (Incident IDs automatically assigned by xMatters are prepended with "INC-".)
|Post-Incident Report||The status of the Post-Incident Report. If the field is blank, a report hasn't been created yet. Values include: Draft, Ready for Review, Reviewed, Closed.|
The services reported as impacted by the incident. Services are color-coded to represent the highest incident severity they're affected by, for example:
The Incidents list includes a date selector you can use to view incidents that occurred during a specific timeframe. By default, incidents from all dates are displayed, but you can view incidents over a variety of past time intervals or over a specific date and time period.
To view incidents by date:
- On the Incidents page, select one of the following options from the date selector:
- Past 24 Hours
- Past 30 Days
- Past 60 Days
- Past 90 Days
- All Dates
- Date Range
- If you selected Date Range, use the calendar and time pickers to select the start and end time of the date range.
- Click Apply.
You can use the search bar to find incidents based on their summary, description, or incident ID.
Start typing in the search bar (a minimum of two characters is required). xMatters automatically updates the list to display items that contain (partially match) the search term, and highlights the portion of each item that matches the specified criteria. If you search multiple terms, xMatters returns incidents that match all of the terms.
To clear your search, click the 'x' in the right corner of the search bar.
The available filters allow you to narrow the incidents list based on matching specific criteria. For example, you can use filters to locate open incidents with high or critical severity that impact particular services, like the 'Inventory' service in the screenshot below:
You can apply one or more filters to narrow down the list of incidents. If you apply multiple filters, xMatters only returns incidents that match all of the specified filter criteria. For detailed instructions on how to use filters, see Filtering data tables.
The following table describes the available filters on the Incidents page and their values:
|Impacted Service||A list of the services defined in the Service Catalog.|
Click an incident's summary to open it in the Incident Console.
The Incidents list includes controls to update the status and severity of incidents in bulk, rather than having to update each incident individually from the incident console.
This is useful when an event affecting your system or services triggers a flood of duplicate incidents. You can reject the duplicates to reduce noise, filter them from the Incidents list, and exclude them from your analytics.
To update incidents in bulk:
- On the Incidents list, use the search bar or filters to find the incidents you want to update.
- Select the check box beside an incident to select it, or use the Select All check box.
- To update the incident's status or severity, select the Update Status or Update Severity drop-down and select a new value.
- xMatters displays the Bulk Update Incident Status or Bulk Update Incident Severity dialog box, depending on which field you chose to update.
- To reject duplicate incidents, update their status to Rejected.
- Enter a note explaining the change. This justification is added to the timeline for each incident.
- Click Update.
- Once you've finished updating the incidents, close the update controls by clicking Done.
Click a service to display an info card with its name, description, active incidents, owner, and a link to view the service. If a service is undefined (not included in the Service Catalog), no additional information is included.
To view who is on call for a service:
Click the Owner group to view who is currently on call (including shifts, members, and escalations).
To view active incidents associated with a service:
The service info card includes a count of the number of active incidents currently impacting that service (incidents are considered active if their status is 'Open' or 'In Progress'). The incident icon (the flame icon) is color-coded by the highest severity of any active incidents impacting the service. In the example above, the service has 7 associated active incidents and the highest severity level of one or more of those incidents is 'Critical'. You can click the incident count to drill through to a filtered view of those incidents in the Incidents list.