Network Incident Report Template

Solution 1:

A lot of what goes into an incident report depends on your audience; the report you file with the technical teams may differ from the report for customers. Here are some sections I use for an internal report.

• Report title
• Report author(s) and contact info
• Report date
• Report summary/brief synopsis
• Incident severity (if you have a severity level scheme)
• Incident duration
• Services impacted
• Users/customers impacted
• Impact to service level agreement(s)
• Incident timeline (including detection and notifications)
• Incident details: root cause and analysis
• Conclusion: description how the incident will be kept from happening again
  • Short term/temporary fix(es)
  • Long term/permanent fix(es)
• For internal reports: Action items by team/assignee with applicable tracking/bug numbers
• For internal reports: Related incident/ticket numbers
• For internal reports: Log excerpts or links to archived logs

I'm keen to see what other people track in their reports!

Solution 2:

• Critical incident report

  Header - network information, system information, and severity info 1-5.

  5 is system outage.

• Observer

  Person who observed the incident

• Summary

  What was observed.

• Background

  Has this happened before? Why was this found at this time.

• Issues

  What this impacts and why?

• Recommended fixes

  How do I fix this?

• Audit points

  How do I check to see if this is fixed?