Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Linking runbooks with security incidents

Devanshi Tiwar1
Tera Contributor

‎03-07-2024 07:31 AM

Hi,

 

I am trying to link a runbook with incidents and incident response tasks by adding a filter condition.

(Incident description contains phishing) (Screenshot attached)

But this does not reflect when a new phishing incident is created or in any existing incident.

Any suggestions will be helpful.

 

Thanks!

 

 

 

Preview file
57 KB
0 Helpfuls
  • 581 Views
1 REPLY 1

fkaracaer
Tera Contributor

‎03-14-2024 02:20 AM

Hi Devanshi,

Maybe you can change the filter condition to a different data point.

For example, Category is Social Engineering, or if you have use User Reported Phish a specific statement at the beginning of the Short Description of the SIR like, Short Description startswith "User Reported Phish".

 

0 Helpfuls