Fetching latest commit…
Cannot retrieve the latest commit at this time
|Failed to load latest commit information.|
RTIR (RT for Incident Reponse) is a tool for tracking, responding to, and investigating reported incidents. Out of the box, it integrates with RT3 (Also available from bestpractical.com) Installation instructions: -------------------------- 1) RTIR requires the Business::Hours module (version 0.05 or later) and the Net::Whois::RIPE module. You should install them before proceeding. 2) Install RT 3.0. This version of RTIR requires at least RT 3.0.4. 3) Once RT 3.0 appears to be happily installed, cd into the directory you unpacked RTIR into. 4) Edit RTIR's Makefile to point to your RT 3 instance. 5) make sure that mysql or pgsql's commandline tool is in your path. 6) Type "make install". 7) Add the following lines to your /opt/rt3/etc/RT_SiteConfig.pm file: # The RTIR config file $RTIR_CONFIG_FILE = "/opt/rt3/etc/RTIR_Config.pm"; require $RTIR_CONFIG_FILE || die ("Couldn't load RTIR config file '$RTIR_CONFIG_FILE'\n$@"); 8) Initialize the RTIR database by typing "make initdb". 9) Stop and start your web server. Configuring RTIR ---------------- 1) Using the Configuration option in base RT, add the email address of the Network Operations Team (the people who will handle activating and removing Blocks) as AdminCC on the Blocks queue. 2) You may want to modify the email messages that are automatically sent on the creation of Investigations and Blocks. The templates are "LaunchMessage" in the Investigations queue and "NewMessage" in the Blocks queue. 3) By default, RT3 has certain global Scrips. You should look through them, and disable any that don't want. 4) Staff members who handle incidents should be added to the DutyTeam group. 5) You can override values in the RTIR_Config.pm in your RT_SiteConfig.pm file, following the "require" line explained above. SETTING UP THE MAIL GATEWAY --------------------------- An alias for the Incident Reports queue will need to be made in either your global mail aliases file (if you are using NIS) or locally on your machine. Add the following lines to /etc/aliases (or your local equivalent) : rtir: "|/opt/rt3/bin/rt-mailgate --queue 'Incident Reports' --action correspond --url http://localhost/" You should substitute te URL for RT's web interface for "http://localhost/". BUGS ---- To report a bug, send email to email@example.com.