You are here:
Create and Validate an Automated Incident Triage
Agentforce automatically triages new incidents by verifying information completeness, detecting duplicates, and notifying employees about active major incidents.
Required Editions
If you want to modify the input parameters or update the output for this action, edit the Incident Triage prompt template. For instructions, see Revise a Prompt Template.
| Available in: Lightning Experience |
| Available in: Enterprise, Performance, and Unlimited Editions with Agentforce IT Service. |
-
From the App Launcher, find and select Agentic IT Service
Desk.
Employees can create incidents from Slack as well.
- Click the Incidents tab.
- Click New.
-
In the New Incident form, complete the required fields:
- Enter a descriptive value in the Subject field.
- Set the Impact and Urgency values.
-
Save your changes.
The incident record is created and the incident triage flow runs automatically in the background.
-
On the incident record, click the Feed tab.
The automated process posts a triage summary to the feed. Depending on the incident data, the summary can include:
- A list of similar open incidents, with a recommendation to review and close the current incident to avoid duplication.
- Whether the incident was identified as a major incident.
- A note if no relevant knowledge articles were found to help resolve the issue.
- Review the triage results and take appropriate action, such as associating the incident with an existing record or escalating it as a major incident.
Scenario 1:
Check Incident Completeness
When an incident is created, Agentforce reviews the structured fields and free-text description, then cross-references the incident with past similar incidents to identify information gaps that were critical for earlier resolutions.
For example, when an employee reports a VPN issue, Agentforce recognizes from past incidents that the VPN client name and version are required for effective troubleshooting. Agentforce automatically contacts the employee through Slack or email to request the missing details.
Agentforce consults the following data sources to determine what information is needed:
- Current incident details
- Past similar incidents, including the incident feed, resolution notes, and descriptions
- Knowledge articles
Scenario 2:
Notify Employees During Major Incidents
When an employee submits an incident related to an active major incident, Agentforce immediately notifies them and asks them to consider closing their individual incident. Resolving the major incident also resolves the related issue, which reduces incident volume and allows support teams to focus on the root cause.
For example, if multiple employees report email access issues during an active server outage investigation, each new submission triggers an automatic notification informing the employee of the ongoing major incident and requesting that they close their individual incident.
Scenario 3:
Identify and Manage Duplicate Incidents
When an employee submits a new incident, Agentforce checks their open incident history for duplicates. If a match is found, Agentforce notifies the employee with the existing incident number and asks them to close the new incident and update the original record. This keeps the incident queue accurate and ensures cleaner reporting on issue frequency and resolution times.
For example, if an employee submits two incidents for the same printer connectivity problem, Agentforce detects the match, provides the existing incident number, and asks the employee to consolidate their updates into the original record.
