Ticket Escalations

Download this manual as a PDF file

SL1 allows you to create and edit ticket escalation policies. Ticket escalation policies automatically perform actions on a ticket when the specified conditions have been met.

For example, the escalation conditions could be "if a ticket has a severity of 'major', is three days old, and has not yet been assigned to a user." When a ticket meets those conditions, the escalation policy could perform the actions "change ticket's severity to 'critical' and assign the ticket to the queue administrator."

NOTE: Each ticket escalation policy can act on a specific ticket only once; a policy cannot escalate a specific ticket multiple times.

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

Creating and Editing a Ticket Escalation Policy

You can create and edit a ticket escalation policy from the Ticket Escalation Policies page (Registry > Ticketing > Escalations). From the Ticket Escalation Policies page you can also enable or delete one or multiple ticket escalation policies.

To create a ticket escalation policy:

  1. Go to the Ticket Escalation Policies page (Registry > Ticketing > Escalations).
  2. In the Ticket Escalation Policies page, select the Create button in the upper right of the page.
  3. The Create New Escalation Policy modal page appears and displays the following fields:
  • For Ticket Queue. Ticket queue to associate with this escalation policy. You can select from a list of all ticket queues. The escalation policy will act on tickets in this ticket queue.
  • Policy Name. Name of the escalation policy. Can be any combination of alphanumeric characters, up to 64 characters in length.
  • State. Specifies whether or not the escalation policy is enabled or disabled. Choices are:
  • Disabled. Makes escalation policy inactive. SL1 will not execute the policy.
  • Enabled. Makes escalation policy active. SL1 will execute the policy when ticket conditions are met.

Escalation Condition

These seven fields specify the conditions that must be met before SL1 will execute the ticket escalation policy. All seven conditions must be met before SL1 will execute the policy.

  • Ticket Status Threshold. In this field, you can specify a ticket's status as part of the escalation condition. A ticket must have the specified status before SL1 will execute the escalation policy. Choices are:
  • When ticket state is open
  • When ticket state is working
  • When ticket state is pending
  • When ticket has not been resolved
  • When ticket has been resurrected (that is, when a previously resolved ticket is set to a status other than "resolved").
  • Ticket Severity Threshold. In this field, you can specify a ticket's severity as part of the escalation condition. A ticket must have the specified severity before SL1 will execute the escalation policy. Choices are:
  • and SEVERITY is equal to or greater than "Sev 4 / Critical"
  • and SEVERITY is equal to or greater than "Sev 3 / Major" (includes major and critical)
  • and SEVERITY is equal to or greater than "Sev 2 / Minor" (includes minor, major, and critical)
  • and SEVERITY is equal to or greater than "Sev 1 / Notice" (includes notice, minor, major, critical)
  • and SEVERITY is equal to or greater than "Sev 0 / Healthy" (includes all severities)
  • Age Type Threshold. In this field, you can specify a ticket's age as part of the escalation condition. A ticket must have the age specified in this field (and the next three fields) before SL1 will execute the escalation policy. Choices are:
  • and ticket's create age is..
  • and ticket's last update age is..
  • Minutes Threshold. The number of minutes that have elapsed. Choices are None and 1-59 minutes, in increments of 1 minute.
  • Hours Threshold. The number of hours that have elapsed. Choices are None and 1-23 hours, in increments of 1 hour.
  • Days Threshold. The number of days that have elapsed. Choices are None and 1 day to 3 months, in increments of 1 day.
  • User Action Threshold. In this field, you can specify user actions as part of the escalation condition. A ticket must have the specified user action before SL1 will execute the escalation policy. Choices are:
  • and ticket is not yet resolved
  • and ticket is not yet assigned
  • and ticket is not yet updated

Escalation Action

These four fields specify the actions that will be executed by the ticket escalation policy.

  • Severity Action. In this field, you can specify how the escalation policy will affect the ticket's severity. If a ticket meets all the thresholds (specified in the Escalation Condition fields), the escalation policy will automatically change the ticket's severity. Choices are:
  • Make no change to ticket severity
  • Increment ticket severity by one
  • Increment ticket severity by two
  • Increment ticket severity by three
  • Queue Action. In this field, you can specify how the escalation policy will affect the ticket's queue. If a ticket meets all the thresholds (specified in the Escalation Condition fields), the escalation policy will automatically change the ticket's queue. Choices are:
  • LEAVE in <ticket's current queue>
  • MOVE to <entry for each ticket queue>
  • User Action. In this field, you can specify how the escalation policy will affect the ticket's "owner" (assigned user). If a ticket meets all the thresholds (specified in the Escalation Condition fields), the escalation policy will automatically change the ticket's assigned user. Choices are:
  • Keep MEMBER assignment (if possible)
  • ASSIGN to member <entry for each user>

NOTE: There are cases when SL1 will override keep MEMBER assignment (if possible). If the current user assigned to the ticket is removed from the ticket's queue, or if the ticket is moved to a queue in which the current user is not a member, the ticket will be assigned to the queue administrator.

  • Notify Action. In this field, you can specify whether or not the escalation policy will notify users when the escalation actions are performed. If a ticket meets all the thresholds (specified in the Escalation Condition fields), the escalation policy can automatically notify users. Choices are:
  • Don't notify any queue members
  • Notify selected queue members
  • Notify selected queue members & watchers

NOTE: On the Behavior Settings page (System > Settings > Behavior, if the field Automatic Ticketing Emails is set to Disabled, all assignees and watchers will not receive automatic email notifications about any tickets. By default, the field is set to Enabled.

  • Ticket Status Action. In this field, you can specify how the escalation policy will affect the ticket's status. If a ticket meets all the thresholds (specified in the Escalation Condition fields), the escalation policy will automatically change the ticket's status. Choices are:
  • Make no change to ticket status
  • Set ticket status to: Open
  • Set ticket status to: Working
  • Set ticket status to: Pending
  • Set ticket status to: Resolved

Notification Action

If a ticket meets all the conditions (specified in the Escalation Condition fields), the escalation policy can automatically notify users. In this pane, you can specify who the escalation policy will notify when the policy is executed.

  • Queue Members. You can select one or more users from the list of all queue members (for the queue specified in the For Ticket Queue field). If a ticket meets all the thresholds in the escalation policy, the selected users will be notified of changes executed by the escalation policy and of the current status of the ticket.
  • Non-Queue Members. You can select one or more users from the list of all users who are not members of the queue (queue was specified in the For Ticket Queue field). If a ticket meets all the thresholds in the escalation policy, the selected users will be notified of changes executed by the escalation policy and of the current status of the ticket.

NOTE: On the Behavior Settings page (System > Settings > Behavior,if the field Automatic Ticketing Emails is set to Disabled, all assignees and watchers will not receive automatic email notifications about any tickets. By default, the field is set to Enabled.

Add Message to Ticket

In this field, you can enter text that will automatically be added to the Notes & Attachments pane of the Ticket Editor page for the ticket. This field is optional.

  • Cloaked. If a note is added to the ticket as part of the escalation, that note will be cloaked. A cloaked note can be viewed only by users who have been assigned the Access Hook "Ticket:Notes:Cloaked".
  1. Select the Save button, to save the new policy.

Editing a Ticket Escalation Policy

After you have created a ticket escalation policy, you can edit the policy from the Ticket Escalation Policies page when needed.

To edit a ticket escalation policy:

  1. Go to the Ticket Escalation Policies page (Registry > Ticketing > Escalations).
  2. Find the ticket escalation policy you want to edit. Select its wrench icon ().
  3. The Editing Escalation Policy modal page appears, with the same fields described above. You can edit any of these fields.
  4. If you have edited the policy and changed its name, select the Save As button. If you have edited the policy but have not changed its name, select the Save button.

Viewing the List of Ticket Escalation Policies

The Ticket Escalation Policies page (Registry > Ticketing > Escalations) displays a list of existing ticket escalation policies. For each ticket escalation policy, the following information is displayed:

  • Escalation Name. Name of the escalation policy.
  • Ticket Queue. Ticket queue associated with this escalation policy.
  • State. Specifies whether or not the escalation policy is enabled or disabled
  • Notifies. Number of users selected in the Notification Action field.
  • Notify Method. Specifies whether the escalation policy will send Email notifications when the policy is executed, based on the selection in the Notify Action field.
  • Log Text. Specifies whether the Ticket Escalation Policy has a value in the Add Message to Ticket field. "Yes" means that the Add Message to Ticket field contains a value; "No" means that the Add Message to Ticket field does not contain a value.
  • ID. SL1 automatically assigns this unique, numeric ID to each escalation policy.
  • User Edit. User who created or last edited the escalation policy.
  • Date Edit. Date and time the escalation policy was created or last edited.

Filtering the List of Ticket Escalation Policies

The Ticket Escalation Policies page includes nine filters. You can filter the list of escalation policies by one or multiple of the following parameters: escalation policy name, ticket queue, state, number of people to notify, notification method, log text, ID, user who created or last edited the policy, date the policy was created or last edited. Only escalation policies that meet all the filter criteria will be displayed in the Ticket Escalation Policies page.

You can filter by one or more of the following parameters. The list of escalation policies is dynamically updated as you select each filter.

  • For each filter except Date Edit, you must enter text to match against. SL1 will search for escalation policies that match the text, including partial matches. Text matches are not case sensitive. You can use the following special characters in each filter:
  • , Specifies an "or" operation. For example: "dell, micro" would match all values that contain the string "dell" OR the string "micro".
  • ! Specifies a "not" operation. For example: "!dell" would match all values that do not contain the string "dell".
  • & Specifies an "and" operation. For example: "cisco & catalyst" would. match all values that contain the string "cisco" AND the string "catalyst".
  • Escalation Name. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching policy name.
  • Ticket Queue. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching ticket queue.
  • State. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching state (enabled or disabled).
  • Notifies. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching number of users selected in the Notification Action field.
  • Notify Method. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching value in the Notify Action field.
  • Log Text. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching value in the Add Message to Ticket field. "Yes" means that the Add Message to Ticket field contains a value; "No" means that the Add Message to Ticket field does not contain a value.
  • ID. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching ID. SL1 automatically assigns this unique, numeric ID to each escalation policy.
  • User Edit. You can enter text to match, including special characters (comma, ampersand, and exclamation mark), and the Ticket Escalation Policies page will display only escalation policies that have a matching username in the User Edit field.
  • Date Edit. Only those escalation policies that match all the previously selected fields and have the specified creation date or last-edited date will be displayed. The choices are
  • All. Display all escalation policies that match the other filters.
  • Last Minute. Display only escalation policies that have been created within the last minute.
  • Last Hour. Display only escalation policies that have been created within the last hour.
  • Last Day. Display only escalation policies that have been created within the last day.
  • Last Week. Display only escalation policies that have been created within the last week.
  • Last Month. Display only escalation policies that have been created within the last month.
  • Last Year. Display only escalation policies that have been created within the last year.

Performing Administrative Tasks on One or More Policies

The Ticket Escalation Policies page contains a drop-down field in the lower right called Select Action. This field allows you to apply an action to multiple ticket escalation policies simultaneously.

To apply an action to multiple policies:

  • Go to the Ticket Escalation Policies page (Registry > Ticketing > Escalations).
  • In the Ticket Escalation Policies page, select the checkbox for each policy you want to apply the action to. To select all checkboxes for all policies, select the red checkbox at the top of the page.
  • In the Select Action drop-down list, select one of the following actions:
  • DELETE Escalation Policy. Deletes one or more selected policies.
  • ENABLE State for Escalation Policy. Activates one or more selected policies. SL1 monitors and acts on tickets in the queue specified in the policy.
  • DISABLE State for Escalation Policy. Deactivates one or more selected policies.
  • Select the Go button. The selected action with be applied to each selected escalation policy.

Example Escalation Policy

In this example we will create an escalation policy for a ticket with a severity of "critical." We will define our escalation policy to send an Email to specified users if a ticket with a severity of "critical" is not worked on within a 30 minute time period.

To create this escalation policy:

  1. Go to the Ticket Escalation Policies page (Registry > Ticketing > Escalations).
  2. In the Ticket Escalation Policies page, select the Create button. The Create New Escalation Policy page appears.
  3. In the Create New Escalation Policy page, we defined the following fields:

  • For Ticket Queue. We selected Asset Management. This escalation policy will be enabled for ticket's in the queue Asset Management.
  • Policy Name. We named our policy "Critical Asset Ticket Policy".
  • State. We want our policy to be active, so we selected Enabled.
  • Ticket Status Threshold. We want our policy to take effect when the ticket hasn't been worked on for a specified amount of time, so we selected When ticket state is open.
  • Ticket Severity Threshold. We want our policy to take effect when ticket severity is Critical, so we selected and severity is >= Sev 4/Critical.
  • Age Type Threshold. We want our policy to take effect after 30 minutes, so we selected and ticket's create age is....
  • Minutes Threshold. We selected 30 minutes. If the ticket has not been worked on for 30 minutes, the escalation policy will take effect.
  • Hours Threshold. We did not define a value in this field.
  • Days Threshold. We did not define a value in this field.
  • User Action Threshold. We selected and ticket is not updated.
  • Severity Action. Because our escalation policy is defined with a ticket at its highest severity, we left this field at its default value.
  • Queue Action. We do not want this ticket to leave the Asset Management queue, so we left this field at its default value.
  • User Action. We do not want other members working on critical tickets, so we left this field at its default value.
  • Notify Action. We want selected queue members to be notified of the ticket if it has not been worked on for 30 minutes. We selected Notify selected queue members.
  • Ticket Status Action. We do not want the policy to make any changes to the status of the ticket, so we left this field at its default value of Make no change to ticket status.
  • Queue Members. We selected two members of the Queue to be notified of the ticket by selecting their checkboxes.
  • Non-Queue Members. We do not want non-queue members working on critical tickets, so we did not add any more members to be notified.
  • Add Message to Ticket. We entered "Ticket needs immediate attention!" This message will be added to the Email on the ticket.
  • Cloaked. We selected the cloaked checkbox so that only administrators and users that are part of the same organization of the user that created the note can view the note.

After a ticket meeting the criteria has been created, the escalation policy will take effect and Email the selected users that a ticket has been escalated.