Ticket screens

The BMC Defender Server Tickets application furnishes the highest level of message correlation by creating actionable incidents in a traditional incident management framework. Tickets are automatically opened by the Alerts and Patterns facilities. Tickets are assigned to either registered BMC Defender Server users, or a user defined ticket group.

The Tickets facility includes screens that display the open tickets for a user, and the closed tickets for a user, selectable using a drop-down menu. When a ticket is closed, it is not deleted from the system. Instead, it is placed in the Closed tab as a record of the incident. This preserves the ticket information and demonstrates that tickets are being reviewed (that is important for many types of regulatory compliance, including PCI DSS, HIPAA, SOX, and other regulations). 

In addition to viewing and processing opened and closed tickets, the Tickets application includes an Action facility that executes programs when tickets are opened or closed or both. This facility is similar to Correlation Actions discussed previously, but operates independent of correlation actions, sending e-mail or providing other notifications when tickets are opened or modified. The Ticket Actions facility also allows the ticketing system to be easily interfaced to a third-party help desk system.

Finally, the Tickets screens include various specialized configuration screens and tools that can limit the number and type of tickets being opened on the system, and reduce the amount of notifications that are sent, especially during selected times and days of the week.

This section provides information about the following topics: