Added new SLA OOB content:

Dashboards/dashboard-SLA.json

@@ -0,0 +1,260 @@
+{
+	"id": "sla-dashboard",
+	"description": "A new dashboard to give you a good overview of your SLAs.",
+	"version": -1,
+	"fromVersion": "4.1.0",
+	"fromDate": "0001-01-01T00:00:00Z",
+	"toDate": "0001-01-01T00:00:00Z",
+	"period": {
+		"byTo": "",
+		"byFrom": "days",
+		"toValue": null,
+		"fromValue": 7,
+		"field": ""
+	},
+	"fromDateLicense": "0001-01-01T00:00:00Z",
+	"name": "SLA",
+	"layout": [
+		{
+			"id": "25a2e8f0-fd4e-11e8-a656-2b6c8cbabaee",
+			"forceRange": false,
+			"x": 6,
+			"y": 0,
+			"i": "25a2e8f0-fd4e-11e8-a656-2b6c8cbabaee",
+			"w": 2,
+			"h": 1,
+			"widget": {
+				"id": "fddd62ff-a411-4e6a-8213-e0277a9b95b5",
+				"version": 1,
+				"name": "Mean Time to Detection",
+				"dataType": "incidents",
+				"widgetType": "duration",
+				"query": "-category:job and detectionsla.runStatus:ended",
+				"sort": null,
+				"isPredefined": false,
+				"description": "The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.",
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 30,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"keys": [
+						"avg|detectionsla.totalDuration"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		},
+		{
+			"id": "3747f820-fd4e-11e8-a656-2b6c8cbabaee",
+			"forceRange": false,
+			"x": 2,
+			"y": 0,
+			"i": "3747f820-fd4e-11e8-a656-2b6c8cbabaee",
+			"w": 2,
+			"h": 2,
+			"widget": {
+				"id": "1e54092d-1ed0-47a6-862d-893adc05e612",
+				"version": 1,
+				"name": "Detection SLA by Status",
+				"dataType": "incidents",
+				"widgetType": "pie",
+				"query": "-category:job and -detectionsla.runStatus:idle",
+				"sort": null,
+				"isPredefined": false,
+				"description": "The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.",
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 30,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"groupBy": [
+						"detectionsla.slaStatus"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		},
+		{
+			"id": "3de5b1e0-fd4e-11e8-a656-2b6c8cbabaee",
+			"forceRange": false,
+			"x": 4,
+			"y": 0,
+			"i": "3de5b1e0-fd4e-11e8-a656-2b6c8cbabaee",
+			"w": 2,
+			"h": 2,
+			"widget": {
+				"id": "1767dee0-7f8c-48a5-8988-c58b9e713ab6",
+				"version": 1,
+				"name": "Remediation SLA by Status",
+				"dataType": "incidents",
+				"widgetType": "pie",
+				"query": "-category:job and -remediationsla.runStatus:idle",
+				"sort": null,
+				"isPredefined": false,
+				"description": "The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.",
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 30,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"groupBy": [
+						"remediationsla.slaStatus"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		},
+		{
+			"id": "a48c1670-fdf1-11e8-a2fa-df5e7de7d45d",
+			"forceRange": false,
+			"x": 8,
+			"y": 0,
+			"i": "a48c1670-fdf1-11e8-a2fa-df5e7de7d45d",
+			"w": 2,
+			"h": 1,
+			"widget": {
+				"id": "mean-time-to-resolution",
+				"version": 169,
+				"name": "Mean Time To Resolution",
+				"dataType": "incidents",
+				"widgetType": "duration",
+				"query": "-category:job and status:closed",
+				"sort": null,
+				"isPredefined": true,
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 7,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"keys": [
+						"avg|openDuration",
+						"count|1"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		},
+		{
+			"id": "d2bbe430-02a1-11e9-878d-4fff182656eb",
+			"forceRange": false,
+			"x": 2,
+			"y": 2,
+			"i": "d2bbe430-02a1-11e9-878d-4fff182656eb",
+			"w": 4,
+			"h": 2,
+			"widget": {
+				"id": "mttd-by-type",
+				"version": 1,
+				"name": "MTTD by Type",
+				"dataType": "incidents",
+				"widgetType": "line",
+				"query": "-category:job and detectionsla.runStatus:ended",
+				"sort": null,
+				"isPredefined": false,
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 7,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"groupBy": [
+						"occurred(d)",
+						"type"
+					],
+					"keys": [
+						"avg|detectionsla.totalDuration / 60"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		},
+		{
+			"id": "e30f9430-02a1-11e9-878d-4fff182656eb",
+			"forceRange": false,
+			"x": 6,
+			"y": 1,
+			"i": "e30f9430-02a1-11e9-878d-4fff182656eb",
+			"w": 4,
+			"h": 3,
+			"widget": {
+				"id": "mttr-by-type",
+				"version": 168,
+				"name": "MTTR by Type",
+				"dataType": "incidents",
+				"widgetType": "line",
+				"query": "-category:job and status:closed",
+				"sort": null,
+				"isPredefined": true,
+				"dateRange": {
+					"fromDate": "0001-01-01T00:00:00Z",
+					"toDate": "0001-01-01T00:00:00Z",
+					"period": {
+						"byTo": "",
+						"byFrom": "days",
+						"toValue": null,
+						"fromValue": 7,
+						"field": ""
+					},
+					"fromDateLicense": "0001-01-01T00:00:00Z"
+				},
+				"params": {
+					"groupBy": [
+						"occurred(d)",
+						"type"
+					],
+					"keys": [
+						"avg|openDuration / (3600*24)"
+					]
+				},
+				"size": 0,
+				"category": ""
+			}
+		}
+	],
+	"isPredefined": false
+}

IncidentFields/incidentfield-detectionsla.json

@@ -0,0 +1,37 @@
+{
+    "closeForm": false,
+    "cliName": "detectionsla",
+    "fromVersion": "4.1.0",
+    "neverSetAsRequired": false,
+    "threshold": 72,
+    "id": "incident_detectionsla",
+    "group": 0,
+    "script": "",
+    "isReadOnly": true,
+    "system": false,
+    "content": true,
+    "unsearchable": false,
+    "version": -1,
+    "unmapped": false,
+    "hidden": false,
+    "type": "timer",
+    "editForm": false,
+    "description": "The time it took from incident creation until the maliciousness was determined.",
+    "associatedToAll": true,
+    "breachScript": "",
+    "associatedTypes": [],
+    "caseInsensitive": true,
+    "placeholder": "",
+    "useAsKpi": true,
+    "systemAssociatedTypes": null,
+    "locked": false,
+    "name": "Detection SLA",
+    "ownerOnly": false,
+    "required": false,
+    "modified": "2018-12-11T12:53:48.369705659Z",
+    "fieldCalcScript": "",
+    "selectValues": [],
+    "validationRegex": "",
+    "sla": 20,
+    "releaseNotes": "Added Detection SLA field"
+}

IncidentFields/incidentfield-remediationsla.json

@@ -0,0 +1,37 @@
+{
+    "closeForm": false,
+    "fromVersion": "4.1.0",
+    "cliName": "remediationsla", 
+    "neverSetAsRequired": false, 
+    "threshold": 72, 
+    "id": "incident_remediationsla", 
+    "group": 0, 
+    "script": "", 
+    "isReadOnly": true, 
+    "system": false, 
+    "content": true,
+    "unsearchable": false, 
+    "version": -1,
+    "unmapped": false, 
+    "hidden": false, 
+    "type": "timer", 
+    "editForm": false, 
+    "description": "The time it took since remediation of the incident began, and until it ended.", 
+    "associatedToAll": true, 
+    "breachScript": "", 
+    "associatedTypes": [], 
+    "caseInsensitive": true, 
+    "placeholder": "", 
+    "useAsKpi": true, 
+    "systemAssociatedTypes": null, 
+    "locked": false, 
+    "name": "Remediation SLA", 
+    "ownerOnly": false, 
+    "required": false, 
+    "modified": "2018-12-11T12:53:56.816268002Z", 
+    "fieldCalcScript": "", 
+    "selectValues": [], 
+    "validationRegex": "", 
+    "sla": 7200,
+    "releaseNotes": "Added Remediation SLA field"
+  }

IncidentFields/incidentfield-timetoassignment.json

@@ -0,0 +1,37 @@
+{
+    "closeForm": false,
+    "cliName": "timetoassignment",
+    "fromVersion": "4.1.0",
+    "neverSetAsRequired": false,
+    "threshold": 72,
+    "id": "incident_timetoassignment",
+    "group": 0,
+    "script": "",
+    "isReadOnly": true,
+    "system": false,
+    "content": true,
+    "unsearchable": false,
+    "version": -1,
+    "unmapped": false,
+    "hidden": false,
+    "type": "timer",
+    "editForm": false,
+    "description": "The time it took from when the incident was created until a user was assigned to it.",
+    "associatedToAll": true,
+    "breachScript": "",
+    "associatedTypes": null,
+    "caseInsensitive": true,
+    "placeholder": "",
+    "useAsKpi": true,
+    "systemAssociatedTypes": null,
+    "locked": false,
+    "name": "Time to Assignment",
+    "ownerOnly": false,
+    "required": false,
+    "modified": "2018-12-11T12:55:38.305896432Z",
+    "fieldCalcScript": "",
+    "selectValues": null,
+    "validationRegex": "",
+    "sla": 0,
+    "releaseNotes": "Added Time to Assignment field"
+}

IncidentFields/incidentfields.json

@@ -1,4 +1,5 @@
 {
+	"releaseNotes": "-",
 	"incidentFields": [
 		{
 			"id": "incident_app",
@@ -1653,4 +1654,3 @@
 		}
 	]
 }
-