1.A: General Information (Mandatory) Reported By Severity Level Event Title Alert ID Date and Time Destination IP Source IP Destination Port Source Port Action Event Counts Threat Actor Host Impacted Service 1.B: Web Related (if applicable) Signature Log Source 1.C: Email Related (if applicable) Sender Recipient Email Subject Attachment/URL Source type 1.D: File Related (if applicable) File Name File Path File hash Signature 1.E: Access Related (if applicable) Logon Type Username Process Failure Reason Log Source Extended Error Code Machine Name 1.F: Other Activity
SECTION 2: INCIDENT SUMMARY
Type of Incident Detected Must match selected incident sub-category in the ITSM request. Description of Incident