Many times a day I will login to RT+RTIR and consolidate Incident Reports
into Incidents using the IP address field in RTIR. Is there any way to
automate the consolidation process of Incident Reports into Incidents where
there’s an IP address? I would imagine it’s possible but I’m not sure what
to try even.
For those who may not have seen it - RTIR is an addon for RT. It creates
three queues called Incident Reports, Incidents and Investigations.
Incident Reports can be merged or multiple Incident Reports can be linked to
a single Incident. An Incident can be used to create a new ticket called an
Investigation. In our case we use this to consolidate abuse issues reported
by outside parties by linking individual Incident Reports into Incidents and
then opening an investigation with our customer. After our customer replies
to the Investigation and we can then respond to all the Incident Reports
separately and all at once when the Incident is resolved.
I had thought, maybe using code in a template, to script the creation of an
Incident if no other open Incident exists with the IP address(es) from the
Incident Reports. If an Incident exists with that IP address and it’s *open
- it links the new incident report with that incident. Can a script inside
a template create an Incident?
Then at regular times I can simply list the incidents and open
investigations where needed and look for incident reports with no IP address
in them (rare).
Does anyone have any ideas on how to go about this?
Thanks to anyone who has any ideas on where to start here.
Landon Stewart LStewart@SUPERB.NET
SuperbHosting.Net by Superb Internet Corp.
Toll Free (US/Canada): 888-354-6128 x 4199
Web hosting and more “Ahead of the Rest”: http://www.superbhosting.net