Managing abnormal Security Center events - Mission Control

Preconfigured Genetec Mission Controlâ„¢ incidents

Applies to
Mission Control
Last updated
2021-07-30
Language
English
Product
Mission Control
Version
3.2
3.1
3.0
2.13

Use the Abnormal Events - Security Center incident type to alert operators to Security Center events that can cause system outage such as Application lost, Database lost, and so on.

Abnormal Events - Security Center incident type: functionality

This incident type is configured to be triggered automatically on detecting one or a combination of selected Security Center events. The system then executes a preconfigured automation workflow that emails Administrators about an active incident. The system also sends a confirmation email with selected details when the incident is resolved.
Tip: You must specify at least one valid email address for notification emails.

For more information on the how the operator can monitor and manage the incident, see the Genetec Mission Controlâ„¢ User Guide .

Abnormal Events - Security Center incident type configuration

The incident type is preconfigured with the following:

Abnormal Events - Security Center incident type: triggers

The incident is configured to be automatically triggered when any of the following events occur:
  • Application lost
  • Archiving stopped
  • Cannot write on the specified location
  • Database lost
  • Invalid custom encryption values
  • VRM connection failure
  • Health event:
    • Agent stopped
    • Application disconnected unexpectedly
    • Application stopped unexpectedly
    • Archive backup failed
    • Database automatic backup failed
    • CPU usage high
    • Database lost (Point of sale)
    • Database lost
    • Database space low
    • Directory stopped unexpectedly
    • Disk access unauthorized
    • Duplicating archives failed
    • Live server monitoring failed
    • Main database lost
    • Memory usage high
    • Remaining archive disk space low
    • Role stopped unexpectedly
    • Server stopped unexpectedly
    • Synchronization failed
    • Unit time out of sync with time server

Based on your setup, you can add, remove or modify triggers as required. For more details, see Modifying incident triggers.

Abnormal Events - Security Center incident type: automation workflow

After the incident is triggered, the system waits to see if the error resolves itself. If it does, the system emails the Administrators and automatically closes the incident.

If manual intervention is required to fix the issue, the system waits for the operator to respond to the dynamic incident procedure. After the operator confirms error resolution, the system sends a notification email to users configured as Administrators with the following details:
  • Latest activity log
  • Last event
  • Incident trigger time
  • Incident owner
  • Incident sources
  • Incident location
You can modify any of these details such as email recipients, details included in the notification email, and so on by selecting the incident type from the Incident configuration page in Config Tool and modifying the corresponding automation workflow activity in the incident's Automation tab.

For more details, see Modifying incident automation workflow activities.

Abnormal Events - Security Center incident type: user procedure

The incident is configured with a dynamic procedure, that accepts operator response and directs system action accordingly.

The incident procedure steps include directives for the operators to put the incident on hold until resolution.

For more details, see Modifying incident user procedures.

For more information on incident type configuration, see the Mission Control Administrator Guide.