Working with the View Ticket Page

The View Ticket page lets you see all the details of a ticket. This page also gives you the tools to block or unblock IPs, suspend users, and most importantly, communicate with the XDR SOC team about the ticket you’re viewing.

Communicating with the SOC team using this page is more efficient than contacting the team by phone.

Navigating to the View Ticket page

You can navigate to the View Ticket page in two ways:

  • By clicking Intelligence > View Ticket in the left navigation menu. If you navigate this way, you'll have to enter a Ticket ID in the top right corner.

  • By clicking a row in the All Tickets table on the Alarms & Alerts page. If you navigate this way, the ticket you clicked is displayed.

To view the View Ticket page
  • Do one of the following:

    • To search for a ticket, click Intelligence > View Ticket, then type a Ticket ID in the top right of the View Ticket page.

    • To view a specific ticket, click a row in the All Tickets table on the Alarms & Alerts page. Then click View Ticket Details.

[Screenshot: View Ticket page]
  1. Click to open Barracuda Assistant. For more information, see Barracuda Assistant.

  2. Click Respond to SOC to communicate with the SOC team about this ticket. See Responding to Alerts from the XDR Dashboard.

  3. Type the number of the ticket you want to display.

  4. Displays the ticket ID.

  5. Displays the subject line of the ticket.

  6. Displays the ticket type.

  7. Displays the impact of the ticket.

  8. Displays the status of the ticket.

  9. Displays the account the ticket belongs to.

  10. Displays the MITRE ATT&CK® Tactic attempted.

  11. Displays the MITRE ATT&CK® Technique attempted.

  12. Displays the time the ticket was created.

  13. Displays the originating IP.

  14. Click to Block or Unblock the IP. For more information, see Blocking and Unblocking IP Addresses.

  15. Displays the targeted user, if applicable.

  16. Click to suspend a Microsoft 365 or Duo user. See Suspending Users.

  17. Displays the SOC analyst.

  18. Displays a description of the incident.