Import UAPF package: incident-triage.uapf

fixtures/signal-zabbix-ddos.json

@@ -0,0 +1,17 @@
+{
+  "source": "zabbix",
+  "external_id": "ZBX-EVT-9374",
+  "raw_payload": {
+    "title": "DDoS attack pattern detected on edge",
+    "host": "rtr-r3.lvrtc.lv",
+    "severity": "critical",
+    "body": "Volumetric UDP flood, 4.2 Gbps inbound to 192.0.2.0/24. Source: 12 ASNs, predominantly AS197207. Auto-mitigation engaged.",
+    "tags": ["security", "ddos"]
+  },
+  "expected_after_triage": {
+    "taxonomy_code": "security.incident",
+    "priority": "P1",
+    "ownership": "lvrtc",
+    "group_slug": "soc-l2"
+  }
+}