[Rtir] Announce RTIR 1.2 beta 2 (v 1.1.3)
BDowling at Kronos.com
Thu Oct 28 03:44:11 EDT 2004
I have been looking into RTIR recently to evaluate it for use in a corporate security environment. I am curious if anyone may be using it for such that might have some mini-howto documentation about how they actually use this solution in their environment? The documentation on this module is somewhat scarce at this point, and I am really wondering how others use this. It may be overkill for the application I am thinking of, but I really like the idea of coordinating "incidents" together with all related blocked systems, automating some of the effort in blocking X many systems and reporting them to appropriate responders in batch, etc. It is just not clear to me how all this is designed to work out of the box, aside from creating a plethora of linked tickets. ;)
Just as an example, the docs don't even mention that you need to browse to /RTIR/ after installing this, as there does not appear to be any Tabs added by default to the main RT pages (fwiw, I added one of my own).
Also, in looking at the recent RT 3.2.2/RTIR 1.1.3 release I have some questions:
1) I am trying to understand what happened in the blocks queue. At one point I saw options for "Activating" blocks (I know it was in an earlier version, but I thought I saw a glimpse somewhere in this version right after creating a block, but haven't found it again). When I view blocked tickets I have Reply/Comment options and it shows the uneditable status on the /RTIR/Update.html page, but not a direct way to change these settings? I see that the first reply to a blocked item sets it from Pending Activation to Active, and the third from Active to Pending Removal. But then I don't see how it goes to Removed? (I realize these are overloading of the standard ticket states, but via 1.1.3 RTIR interface there does not appear to be a way to edit the state directly?) Am I missing something?
2) Has there been any thought to adding context-sensitive online help to RT in general? This might go a long way to help improving self-documentation of the platform itself? (Yes I know most of it is fairly straightforward, but still, sometimes a hint about what particular fields are intended for, tips about email usage (-comments@ aliases that some people use, etc) would be nice things to document. Some of this would of course be site-specific, but if the framework was standardized...
Sorry to be somewhat vague in my explanation above. Just understanding what you are "suppose" to see after installing some of these cool modules like this is tricky without more documentation. Some screenshots added to the Wiki would be nice (I know these things have been changing a lot in recent versions as well).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Rtir