AlienVault® USM Appliance™

Ticket Management

A ticket is a tracking tool that contains information about detected alarms or any other issues that you want to manage in a workflow. When dealing with alarms and events, the best practice is to always keep track of progress and insights into the issue by creating a ticket, either through the USM Appliance ticketing system or through your own company's ticketing system, if applicable. Not only can creating a ticket for an alarm or event help you in a future investigation, it also creates an audit trail to track what you saw, what actions were taken, and track progress on the issue.

When you select the Analysis > Tickets option, USM Appliance displays the following page.

Tickets page

This page provides access to the USM Appliance ticket remediation system. Tickets provide workflow tracking of activity related to detected alarms or any other issues that you want to keep track of. By default, the USM Appliance web UI displays a list of all tickets. In addition, you can click Create to open a new ticket of a specific type or category.

In the Filters section at the top of the page, you can choose criteria to filter the ticket results. You can choose additional criteria to filter ticket results by clicking the Switch to Advanced option.

From the Ticket summary list, you can click a specific ticket to display the details of the ticket on a new page. From this ticket detail display, you can perform various actions such as editing fields in the ticket, assigning the ticket, adding notes and attachments, and changing the status and priority of a ticket, depending on whatever method or process you want to use to track resolution of issues.