×
Built-In: Incident Nodes
Nevelex Labs Logo

Overview

The Security Flow Incident nodes provide the ability to manage meta data of an incident. The changes made by the nodes are viewable on the Incident Timeline, Incidents Screen, and the Incidents List.

Functionality

The Incident nodes expose the following functionality:

  • Create an Incident via the NL-Incident-Create node. Most NL nodes will do this automatically, but this provides a way to explicitly create an Incident for the active message.
  • Add a Note to a new or existing Incident via the NL-Incident-Add-Note node.
  • Set the Incident name via the NL-Incident-Set-Name node.
  • Set the Incident status to Open or Closed by Flow via the NL-Incident-Set-Status node.
  • Get the Incident’s timelines URL via the NL-Incident-Get-Timeline-URL node.
  • Set the Incident’s Category via the NL-Incident-Set-Category node.

Flow Nodes

Adds a note to the Incident's timeline as defined by the configuration settings. When a message arrives, the Incident's timeline is updated with a new note. The note is generated using a user-specified set of rules.
Property
Description
Name

The display name of the node within the flows.

Note

The note is created by concatenating all user-specified elements in the list.

  • string: Static text entered by user.
  • msg.: Allows for the selection of an attribute within the message traversing the flow. If the attribute is not found in the message, ‘”attribute name” undefined’ is added to the note instead.
  • flow name: Will append the name of the current flow.
  • now (time): Will append the current time in HH:MM:SS format.
  • now (date:time): Will append the current time in MM/DD/YY-HH:MM:SS format.
  • J: expression: JSONata expression language to perform query and transform operations on the payload.
Creates an Incident for the incoming message. This is to create a tracking point for Incidents in the flow.
Property
Description
Name

The display name of the node within the flows.

Always Create New Incident

If Always Create New Incident evaluates to a JavaScript truthy value, a new Incident, with a fresh timeline, is created at this point in the flow, regardless of whether or not an Incident already exists. Additionally, a new msg._msgid is assigned to the outgoing message. This is useful in any scenario where multiple independent operations need to be tracked within unique Incidents.

If Always Create New Incident evaluates to a JavaScript falsy value, a new Incident is only created if one does not already exist. The message continues through the node unaltered.

Sets the name of the Incident as defined by the configuration settings. When a message arrives, the node will rename the Incident based on a user-specified set of rules.
Property
Description
Name

The display name of the node within the flows.

Editable List

The name is created by concatenating all user-specified elements in the list.

  • string: Simple text entered by user.
  • msg.: Allows for the selection of an attribute within the message traversing the flow. If the attribute is not found in the message, ‘”attribute name” undefined’ is added to the note instead.
  • flow name: Will append the name of the current flow.
  • now (time): Will append the current time in HH:MM:SS format.
  • now (date:time): Will append the current date and time in MM/DD/YY-HH:MM:SS format.
  • J: expression: JSONata expression language to perform query and transform operations on the payload.
Utility node to change the status of the Incident, i.e. the current message in the flow, to either opened (Open) or closed (Closed by Flow). An Incident is automatically created by any Nevelex Labs node included in the flows when a message is received by the node. If this node is the first Nevelex Labs node in the flow, it will create a new Incident with the desired status. For more information on status changes see Incident Statuses and Transitions.
Property
Description
Name

The display name of the node within the flows.

Status

If the Incident exists, this node will update the status to the selected value, if allowed by the rules following.

  • The status change to Open is allowed if and only if the Incident is currently in any closed state.
  • The status change to Closed by Flow is allowed if and only if the Incident is currently in the open state and there are not any pending messages in the flows.
Node to retrieve the Incident timeline URL and add the URL into the msg.__sfMeta__ meta data object. Upon receiving a message on the input, this node adds the url field into the msg.__sfMeta__ pathway of the message.

Property
Description
Name

The display name of the node within the flows.

This node sets the category for the Incident containing the current message. Category names are case-sensitive. If the supplied Category does not match an existing category, a new category is automatically created. If the Category is not supplied, no category is assigned to the active Incident.
Property
Description
Name

The display name of the node within the flows.

Category

The Category assigned to the incident.

Success

The NL incident nodes used in the following screen shot are configured to:

  • Create an Incident
  • Add a note saying “Hello”.
  • Set the incidents name to the current date and time.
  • Close the incident

The flow used in this example is shown below.

The Incident’s timeline is shown below.

Nevelex Labs, Main Office

Metro Office Park
2950 Metro Drive, Suite 104
Bloomington, MN 55425
Phone: +1 952-500-8921

©Nevelex Labs, LLC. 2018-2024, All Rights Reserved.

EULA