Is there a way to implement in SecOps SOAR either via Playbook or something that will automatically notify if the SLA Clock is on critical period?
Solved
SLA Breach Notification
Best answer by ErikaB
Hi @JMon38
The "Set Case SLA Action" can be used within a Playbook to define SLA parameters, including the SLA Period and SLA Time to Critical Period.
This action sets the breach and critical times relative to the case creation time or the start of a specific case stage. So your playbook needs to account for this when calculating the remaining time and triggering the notification.
+10- Community Manager
- Answer
Hi @JMon38
The "Set Case SLA Action" can be used within a Playbook to define SLA parameters, including the SLA Period and SLA Time to Critical Period.
This action sets the breach and critical times relative to the case creation time or the start of a specific case stage. So your playbook needs to account for this when calculating the remaining time and triggering the notification.
+7- Bronze 3
Hi @ErikaB Could you please help me icouldnt find right parameters to create playbook for that.
I want to define SLA periods in our environment and ensure that our analysts are notified accordingly. For example, if an SLA is defined for 12 hours, the assigned analyst should receive:
A medium-priority notification after 6 hours,
A critical notification after 8 hours,
And a final notification when the SLA is breached (i.e., after 12 hours).
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.