Search for security incidents with the Security Incident Response Mobile app

Release version: Australia

Updated March 12, 2026

5 minutes to read

Search for Security Incident Response (SIR) security incidents on a ServiceNow AI Platform® instance. Only incidents that match the specific search criteria that you enter are displayed.

Before you begin

Role required: sn_si.analyst

About this task

Time to complete this task: 5-10 minutes.

Procedure

If you are not logged in to your ServiceNow AI Platform instance on your mobile device, for more information see Log in to the Security Incident Response Mobile app.
With the Security Incidents landing screen displayed, tap Search Incidents.

If you navigate away from the Security Incident Response Mobile app after you have logged in, tap the Now Agent at any time to return to the last screen you had displayed.

To limit the number of search results that are returned, you may prefer to fill out as many fields on the form as you can.

To add search criteria, refer to the following table. Follow the instructions after the table to edit existing search criteria, clear search criteria, or submit a search.


Tap this field	To add an entry on Android devices	To add and entry on iOS devices
Number	Enter an alpha-numeric value for a security incident, for example, `SIR0010004`. This number is displayed in the upper right of the security incident. The feature searches on numeric strings and partial numeric strings. For more refined searches, enter more digits. Wild cards (*) are not accepted. Tap a new field to enter more criteria or to submit a search.	Enter an alpha-numeric value for a security incident, for example, `SIR0010004`. This number is displayed in the upper right of the security incident. The feature searches on numeric strings and partial numeric strings. For more refined searches, enter more digits. Wild cards (*) are not accepted. Tap a new field to enter more criteria or Search to submit a search.
Short Description	Enter text in the field for example, `malware`. The feature searches on text strings and partial text strings from the Short Description field. For more refined searches, enter more text. Wild cards (*) are not accepted. Tap a new field to enter more criteria or to submit a search.	Enter text in the field for example, `malware`. The feature searches on text strings and partial text strings from the Short Description field. For more refined searches, enter more text. Wild cards (*) are not accepted. Tap a new field to enter more criteria or Search to submit a search.
Priority	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap the check mark icon to return to the Search Incidents screen.	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap Done to return to the Search Incidents screen.
Category	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap the check mark icon to return to the Search Incidents screen.	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap Done to return to the Search Incidents screen.
State	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap the check mark icon to return to the Search Incidents screen.	To add an entry, tap one or more items or tap the search icon and type an entry in the search field. Tap Done to return to the Search Incidents screen.
Assigned to	Select one from the list or tap the search icon and type an entry in the search field. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.	Select one from the list or tap the search icon and type an entry in the search field. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.
Assignment group	Select one from the list or tap the search icon and type an entry in the search field. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.	Select one from the list or tap the search icon and type an entry in the search field. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.

For Android devices, with the Search Incidents screen displayed and all your criteria entered, choose one to continue.

Option	Description
Clear or modify search criteria prior to executing a search	To clear all entered criteria, with the Search Incidents screen displayed, tap the back arrow to clear all the fields and return to the Security Incidents landing screen. The search is not submitted and the search criteria are cleared. Alternatively, to edit a field: With the Search Incidents screen displayed, tap a field with search criteria to expand it. Tap an item to deselect it. Tap All to select all items. Tap All again to clear all items. To clear a value for the Assignment group and Assigned to fields, for no entry, select None. Tap the check mark icon to save the changes and return to the Search Incidents screen.
Submit a search	With the Search Incidents screen displayed with your entered search criteria, tap the send icon (). The security incidents that match your search criteria are displayed. After the search is completed, the search criteria are not saved.

Option

Description

Clear or modify search criteria prior to executing a search

To clear all entered criteria, with the Search Incidents screen displayed, tap the back arrow to clear all the fields and return to the Security Incidents landing screen. The search is not submitted and the search criteria are cleared. Alternatively, to edit a field:

With the Search Incidents screen displayed, tap a field with search criteria to expand it.
Tap an item to deselect it. Tap All to select all items. Tap All again to clear all items. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.
Tap the check mark icon to save the changes and return to the Search Incidents screen.

Submit a search

With the Search Incidents screen displayed with your entered search criteria, tap the send icon (

The security incidents that match your search criteria are displayed. After the search is completed, the search criteria are not saved.

For iOS devices, with the Search Incidents screen displayed, choose one to continue.

Option	Description
Clear or modify search criteria prior to executing a search	To clear all criteria and return to the landing screen, tap the close icon (X). Any entered search criteria are not saved. Alternatively, to edit a field: With the Search Incidents screen displayed, tap a field with search criteria to expand it. Tap an item on the list to deselect it, or tap Clear All. To clear a value for the Assignment group and Assigned to fields, for no entry, select None. Tap Done to save the changes and return to the Search Incidents screen.
Submit a search	With the Search Incidents screen displayed with your entered search criteria, tap Search. The security incidents that match your search criteria are displayed. After the search is completed, the search criteria are not saved.

Option

Description

Clear or modify search criteria prior to executing a search

To clear all criteria and return to the landing screen, tap the close icon (X). Any entered search criteria are not saved. Alternatively, to edit a field:

With the Search Incidents screen displayed, tap a field with search criteria to expand it.
Tap an item on the list to deselect it, or tap Clear All. To clear a value for the Assignment group and Assigned to fields, for no entry, select None.
Tap Done to save the changes and return to the Search Incidents screen.

Submit a search

With the Search Incidents screen displayed with your entered search criteria, tap Search.

The security incidents that match your search criteria are displayed. After the search is completed, the search criteria are not saved.

Optional: If your search returns multiple records, you can Filter records with the Security Incident Response Mobile app to refine the search results.

Search security incidents

Australia Security Management

Search for security incidents with the Security Incident Response Mobile app

Before you begin

About this task

Procedure