Metric Definition for Security Incident state
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-14-2024 06:13 AM
Hello,
I want to create a Metric Definition that calculates the state duration of a SIR from when it was opened till its state changed from 'Contain'.
By now I have the following script :
// variables available
// current: GlideRecord - target incident
// definition: GlideRecord - (this row)
var inc_state = current.state;
if (inc_state == 19)
createMetric();
function createMetric() {
var mi = new MetricInstance(definition, current);
if (mi.metricExists())
return;
var gr = mi.getNewRecord();
gr.start = current.sys_created_on;
gr.end = current.sys_updated_on;
gr.duration = gs.dateDiff(gr.start.getDisplayValue(), gr.end.getDisplayValue());
gr.calculation_complete = true;
gr.insert();
}
Can someone help me out or did someone run into something similar ?
Thanks in advance !
Labels:
- Labels:
-
Security Incident Response
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-14-2024 07:04 AM
What's the problem?
--
See more of my content here.
See more of my content here.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-15-2024 01:11 AM
Trying to make the script above calculate in a Metric Definition the duration for when a SIR is opened till it leaves the Contain state.
