Reporting a security incident
Incidents can be reportet by mail (preferred method) or over the phone, see the contact information
When reporting an incident it is important to include sufficient information, and if possible, include log lines.
Information about how to contact you, as much contact information as you are willing to disclose. In most cases, this should include at least an email address and a telephone number, an alternate contact at your site in case you are unavailable
Please state so if you are in the local IT-department
Estimated summary of hosts (computers) involved
If relevant: operating system (win/unix/macOS/several)
A description of the activity: (break-in/virus/data disclosure/other)
Date formatting shall be according to ISO 8601, but the most important part is that the time, including minutes and unambiguous TIME ZONE is included.