===== Incident Management ===== In Zebrix Control, an **incident** refers to the creation or update of an external notification triggered by a change in an equipment’s status. Incidents allow you to automatically alert your teams through one or multiple communication channels. Incident management is based on three complementary levels: * **Notification Channel**: Defines the communication method (email, Teams, ServiceNow, webhook, etc.) * **Incident Connector**: Defines when the channel is triggered (incident opening, closing, or both) * **Incident Configuration**: Defines which status levels trigger the incident These three elements work together following a hierarchical logic: Configuration → Connector → Channel ==== Notification Channels ==== A notification channel is the technical method used to send alerts to an external platform. Detailed documentation: [[en:config:incidents:email|Email configuration]] \\ [[en:config:incidents:teams|Teams configuration]] \\ [[en:config:incidents:webhook|Webhook configuration]] \\ [[en:config:incidents:discord|Discord configuration]] \\ [[en:config:incidents:slack|Slack configuration]] \\ [[en:config:incidents:snow|ServiceNow configuration]] \\ [[en:config:incidents:easyvista|Easy Vista Configuration]] \\ ==== Incident Connector ==== The connector links one or multiple channels to a triggering behavior. To add a connector: - Go to **Configuration → Incidents → Connectors** - Click **➕ Add** - Complete the following fields: * **Name**: Provide a descriptive name * **Channel**: Select one or more notification channels * **Opening / Closing**: Specify whether the connector should be triggered on incident opening, closing, or both Example: If both opening and closing are enabled for a ServiceNow connector, a ticket will automatically be created when the alarm appears and closed when it is resolved. ==== Incident Configuration ==== The incident configuration defines **which alert levels trigger a notification**. To create a configuration: - Go to **Configuration → Incidents → Configuration** - Click **➕ Add** - Complete the following fields: * **Name**: Provide a descriptive name * **Trigger Level**: Select the alert level that initiates the incident * **Trigger Level Scope**: * **Only this level**: The incident will be triggered only when the alert matches the selected level exactly. * **This level and worse**: The incident will be triggered for the selected level and all higher severity levels. * Example: A configuration set to **Warning** will trigger incidents for **Warning**, **Critical**, and **Unreachable** alarms. * **Connectors**: Select the connector(s) to associate with this configuration {{ .:pasted:20260223-104147.png }} ==== Applying a Configuration to an Equipment ==== To apply an incident configuration: - Go to the equipment configuration - Open the **Incident Configurations** tab - Select the desired configuration(s) {{ :en:config:pasted:20250321-165121.png }} An equipment can be associated with multiple incident configurations depending on its criticality or operational scope.