Recommendation #1: read the JANET guide on how they use RTIR.
Recommendation #2: don't take it as the gospel.
I've streamlined our process a bit by not (always) using Reports or
Investigations. I've also had our RT admin add a few custom fields to
make my life easier when it comes to reporting.
Mike
On 2013-04-24 12:08 PM, John Franklin wrote:
That looks (RTR) pretty interesting, I'm glad I stumbled across this
discussion.
On Tue, Apr 23, 2013 at 5:17 PM, Mike Patterson <[email protected]> wrote:
Seconded. RTIR is a bit weird and seems a bit klunky/heavy when you first
start out with it, but if you're dealing with more than a few dozen
incidents (we number ... significantly more) then it really helps.
I've written some tools to ease reporting from RT+RTIR, they're on github
if you get that far.
Mike
On 2013-04-23 10:57 AM, Tim Krabec wrote:
http://bestpractical.com/**products.html<http://bestpractical.com/products.html>
On Mon, Apr 22, 2013 at 11:00 PM, Dan Baxter <[email protected]>*
*wrote:
My employer has been using a ancient Notes database to track security
incidents. We are finally discussing getting rid of it. I'm looking for
recommendations for replacements. This should be able to track data for
a
variety of security incidents, from a malware incident, to an
investigation
of an employee for fraud.
I'm not looking for open source, necessarily, although that could be a
bonus. Anyone have any recommendations?
Thanks in advance.
Dan Baxter
------------------------------**-------------------
Quis custodiet ipsos custodes?
"A sword never kills anybody; it is a tool in the killers hands."-Lucius
Annaeus Seneca, c.4BC-65AD
______________________________**_________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom>
Main Web Site: http://pauldotcom.com
______________________________**_________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom>
Main Web Site: http://pauldotcom.com
______________________________**_________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom>
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
