xMatters - Create Incident for New Incidents
This incident response workflow allows you to create an incident in xMatters from a playbook or using an automation rule. When using this workflow in a playbook, the user executes the workflow and an incident is created. When using this workflow with an incident automation rule, the incident is created as soon as the workflow is executed. The workflow will also set the XDR incident's status to Incident Reported.
Description
This incident response workflow allows you to create an incident in xMatters from a playbook or using an automation rule. When using this workflow in a playbook, the user executes the workflow and an incident is created. When using this workflow with an incident automation rule, the incident is created as soon as the workflow is executed. The workflow will also set the XDR incident's status to Incident Reported.
Target: Conure APIs, Platform APIs, Private Intelligence API, xMatters
Steps:
- Get the incident summary
- Parse the incident's attributes
- Check if an incident already exists in xMatters for this incident:
- If it does, update the workflow results and continue
- If it doesn't:
- Create the incident and update the workflow result
- Update the incident's external references
- Update the incident's status to Incident Reported
This workflow requires the following targets to be available before it can be run.
Integration targets
- Cisco XDR
- xMatters