Fortinet black logo

User Guide

Acknowledging incidents and other actions

24.1.0
Copy Link
Copy Doc ID af1daa65-c273-11ec-9fd1-fa163e15d75b:255009
Download PDF

Acknowledging incidents and other actions

The following actions are available from the mobile app:

Acknowledge an incident

Acknowledging an incident marks the incident with your name. You also have the option to add a message to the incident log and broadcast that message to all of the users and integrations configured in the incident’s Alert Timeline. To acknowledge an incident, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Ack. The Acknowledge Incident page will be displayed.

  3. From this page, you can also see the following:

    • The Incident Lead

    • The list of users who are scheduled to get alerts based on the incident’s Alert Timeline

  4. (Optional) Add a message to the incident log.

  5. (Optional) Enable the Broadcast Message option.

  6. Tap Submit.

Schedule Maintenance

To schedule maintenance from the mobile app, perform the following steps:

  1. Tap an active incident to open it.

  2. (Optional) Edit the Maintenance Name.

  3. Enter a Start Time.

  4. Select a Maintenance Duration from the available options.

    • 5 minutes

    • 15 minutes

    • 30 minutes

    • 60 minutes

  5. Select a Monitoring option:

    • Continue monitoring but don't create incidents –All monitoring for the instances covered by the Maintenance Period will continue - however, incidents will not be created, regardless of the monitoring data collected.

    • Pause monitoring – All monitoring for the instances covered by the Maintenance Period will be paused - meaning no incidents will be created and no alerts will be sent.

    • Continue monitoring & creating incidents but don't send alerts – All monitoring for the instances covered by the Maintenance Period will continue and incidents will be created accordingly - however, no alerts will be sent for any detected incidents.

    • Continue monitoring, creating incidents, and sending alerts – Things will operate as normal - however, an Alert Timeline override must be selected to be used for alerting.

  6. You can also choose to enable the following options:

    • End applicable incidents when the period begins – If checked, any active incidents that are present when maintenance begins will be force-closed.

    • Show indicator on status page – If checked, a Maintenance badge will be displayed on your FortiMonitor Status pages if you are using them.

Delay Alerts

Delaying an alert postpones all of the future alerts on the Alert Timeline for a specified length of time. To delay alerts on one or more incidents, perform the following steps:

  1. Tap an active incident to open it.

  2. Select the duration you want the alert to be delayed:

    • 15 minutes

    • 30 minutes

    • 45 minutes

    • 60 minutes

  3. Tap Submit.

From this page, you can also see a timeline of upcoming alerts including team members who are next in line to be alerted and their contact methods.

Cancel Alerts

Cancel Alerts stops all upcoming alerts for the selected incident. To cancel alerts, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Cancel Alerts.

Escalate Alerts

Escalating an alert immediately sends the next alert configured in the Alert Timeline. To escalate alerts, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Escalate.

Acknowledging incidents and other actions

The following actions are available from the mobile app:

Acknowledge an incident

Acknowledging an incident marks the incident with your name. You also have the option to add a message to the incident log and broadcast that message to all of the users and integrations configured in the incident’s Alert Timeline. To acknowledge an incident, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Ack. The Acknowledge Incident page will be displayed.

  3. From this page, you can also see the following:

    • The Incident Lead

    • The list of users who are scheduled to get alerts based on the incident’s Alert Timeline

  4. (Optional) Add a message to the incident log.

  5. (Optional) Enable the Broadcast Message option.

  6. Tap Submit.

Schedule Maintenance

To schedule maintenance from the mobile app, perform the following steps:

  1. Tap an active incident to open it.

  2. (Optional) Edit the Maintenance Name.

  3. Enter a Start Time.

  4. Select a Maintenance Duration from the available options.

    • 5 minutes

    • 15 minutes

    • 30 minutes

    • 60 minutes

  5. Select a Monitoring option:

    • Continue monitoring but don't create incidents –All monitoring for the instances covered by the Maintenance Period will continue - however, incidents will not be created, regardless of the monitoring data collected.

    • Pause monitoring – All monitoring for the instances covered by the Maintenance Period will be paused - meaning no incidents will be created and no alerts will be sent.

    • Continue monitoring & creating incidents but don't send alerts – All monitoring for the instances covered by the Maintenance Period will continue and incidents will be created accordingly - however, no alerts will be sent for any detected incidents.

    • Continue monitoring, creating incidents, and sending alerts – Things will operate as normal - however, an Alert Timeline override must be selected to be used for alerting.

  6. You can also choose to enable the following options:

    • End applicable incidents when the period begins – If checked, any active incidents that are present when maintenance begins will be force-closed.

    • Show indicator on status page – If checked, a Maintenance badge will be displayed on your FortiMonitor Status pages if you are using them.

Delay Alerts

Delaying an alert postpones all of the future alerts on the Alert Timeline for a specified length of time. To delay alerts on one or more incidents, perform the following steps:

  1. Tap an active incident to open it.

  2. Select the duration you want the alert to be delayed:

    • 15 minutes

    • 30 minutes

    • 45 minutes

    • 60 minutes

  3. Tap Submit.

From this page, you can also see a timeline of upcoming alerts including team members who are next in line to be alerted and their contact methods.

Cancel Alerts

Cancel Alerts stops all upcoming alerts for the selected incident. To cancel alerts, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Cancel Alerts.

Escalate Alerts

Escalating an alert immediately sends the next alert configured in the Alert Timeline. To escalate alerts, perform the following steps:

  1. Tap an active incident to open it.

  2. Tap Escalate.