Skip to main content

Tickets

Tickets are OneProtect's canonical investigation work items. They are separate from outbound webhook delivery and from future Jira, ServiceNow, Freshdesk, Zendesk, or HaloPSA adapters.

What You Can See

  • Ticket status, priority, assignee, owner, source, alert, and asset context.
  • Links to tenant-visible alerts, assets, evidence, delivery records, audit records, or external references.
  • Comments visible to the current role.
  • Audit-backed lifecycle events for creation, status changes, assignment, comments, and links.

Access Rules

  • Operators can create tickets, update status, assign themselves, comment, and link tenant-visible records.
  • Tenant admins can perform operator actions and broader reassignment/closure actions.
  • System admins act only in explicit tenant context.
  • Auditors have redacted, read-only ticket access.
  • Auditor-visible comments pass through the shared redaction policy before display.

Current Actions

  • Create a manual ticket with title, priority, optional description, and assignee.
  • Update status, priority, and assignee from ticket detail.
  • Add internal or auditor-visible comments.
  • Link alerts, assets, evidence, delivery records, audit records, or external references.

Current Boundary

The Phase 1 console uses OneProtect ticket APIs for these actions. External ticket mirroring, SLA automation, bulk actions, alert triage workflow controls, and ticket export/download flows are future scoped work.