Home
Play books
Log360 Cloud - Create or update incident

Log360 Cloud - Create or update incident

In this page

Playbook Description

The Log360 Cloud playbook automates incident lifecycle management. It first lists incidents to fetch current status details. If an open incident exists, the flow attaches new evidence to the existing record. If no open case is found, it creates a new critical incident, populating it with alert evidence and investigative notes to ensure streamlined response and historical tracking.

MITRE D3FEND mapping

Tactics	Techniques	Sub-techniques
(Detect) D3-Detect	(Network Traffic Analysis) D3-NTA	(Connection Attempt Analysis) D3-CAA

Dependencies

Utility:

utility_getIncidentStatusDetails

Execution workflow

Lists incidents matching the given name.
Fetches incident status details and sets the name.
If open, updates the existing incident.
If no open incident found, creates a new critical incident.

Awards & recognition

ManageEngine named in 2025 Gartner MQ for SIEM Gartner Peer Insights Customers' choice for SIEM

Editor's choice

8th time in the MQ in 2025

Major player in 2024

Integrated cloud security Innovator

Technical excellence in SIEM

Market leader most innovative

Log360 Cloud - Create or update incident

In this page

Playbook Description

MITRE D3FEND mapping

Dependencies

Utility:

Execution workflow

Awards & recognition

Features

Support

Solutions by industry

Related solutions

One-stop solution to all Log Management and Active Directory Auditing