Network Incident Report Template

Solution 1:

A lot of what goes into an incident report depends on your audience; the report you file with the technical teams may differ from the report for customers. Here are some sections I use for an internal report.

  • Report title
  • Report author(s) and contact info
  • Report date
  • Report summary/brief synopsis
  • Incident severity (if you have a severity level scheme)
  • Incident duration
  • Services impacted
  • Users/customers impacted
  • Impact to service level agreement(s)
  • Incident timeline (including detection and notifications)
  • Incident details: root cause and analysis
  • Conclusion: description of how the incident will be kept from happening again
    • Short term/temporary fix(es)
    • Long term/permanent fix(es)
  • For internal reports: Action items by team/assignee with applicable tracking/bug numbers
  • For internal reports: Related incident/ticket numbers
  • For internal reports: Log excerpts or links to archived logs

I'm keen to see what other people track in their reports!

Solution 2:

  • Critical incident report

    Header - network information, system information, and severity info 1-5.

    5 is system outage.

  • Observer

    Person who observed the incident

  • Summary

    What was observed.

  • Background

    Has this happened before? Why was this found at this time?

  • Issues

    What does this impact, and why?

  • Recommended fixes

    How do I fix this?

  • Audit points

    How do I check to see if this is fixed?