Notification Policies

  • Updated

    Notification policies enable users to define rules for sending notifications based on specific conditions related to signals, situations, ActOns, and entities. By creating notification policies, users can specify the conditions that trigger notifications, select the appropriate channels for notification delivery, and associate the desired templates for the notifications. This allows users to configure notifications to be sent to the relevant channels when particular events or conditions related to signals, situations, ActOns, or entities occur.

    Use Notifications Policies:

    • To give an attention to a signal or a situation or an ActOn when it is acknowledged, opened, or closed
    • To provide fast and consistent ways for the right personnel to be notified

    You can configure a notification policy using a webhook or by adding an email of a respective user to get notified when a new event or a change is triggered.

    Configuring a Notification Policy via Webhook

    To configure a notification policy,

    1. Navigate to Configurations --> Notifications
    2. Click Policies 
      A policy page appears
    3. Click Create New Policy 
      A new policy form appears
    4. Enter Policy a name 
      For example, P0 notification for webhook
    5. Enter Description (Optional)
    6. Under Policy Properties, in Entities field, select ActOns from the dropdown 
      An Event field is autogenerated and autoselected
    7. Under Matching Conditions, do the following
        • Click Add Conditions or Add Group
        • Select an attribute, operator (Equals or in) from the dropdown list and enter their respective value.
        • Click And (or) Or conditions
          For example, Asset name equals Windows AND Priority equals P0.
    8. In Channel, select a relevant webhook channel from the dropdown list
    9. Under Data transformation template, in templates, select a relevant webhook template from the dropdown list 
      An automated template is generated
    10. Under Webhook Mapping, enter body (optional)
    11. Click Submit

    Configuring a Notification Policy via Email

    You can send notifications via email addresses to notify an event to the on-call user to reciprocate an immediate action mitigate the risk done to an organization. Resolution Intelligence Cloud provides you an interactive UI to set the notification policy via emails just by adding the email IDs of existing users in the system.

    1. Navigate to Configurations --> Notifications
    2. Click Policies 
      A policy page appears
    3. Click Create New Policy 
      A new policy form appears
    4. Enter Policy a name 
      For example, P0 notification via email
    5. Enter Description (Optional)
    6. Under Policy Properties, in Entities field, select ActOns from the dropdown 
      An Event field is autogenerated and autoselected
    7. Under Matching Conditions, do the following
      • Click Add Conditions or Add Group
      • Select an attribute, operator (Equals or in) from the dropdown list and enter their respective value.
      • Click And (or) Or conditions
        For example, Signal source equals Google Chronicle AND Priority equals P0.

    8. In Channel, select P1 event processing from the dropdown list

    9. Under Data transformation template, in templates, select P0 notification from the dropdown list 
    An automated template is generated

    10. Under Email Mapping,

      • In Subject field, hover over + and click Add field from the dropdown 
        A popup appears in which select Subject from the dropdown and click Add field 
        A subject will be added 
      • In Body field, hover over + and click Add a field from the dropdown 
        A popup appears in which select Team name from the dropdown and click Add field 
        An automated message appears in the body field

    11. Click Submit

    Managing Notification Policies

    Editing Notification policy

    To edit a notification policy

    1. Navigate to Configurations --> Notifications
    2. Click Policies from the left menu 
      A policies page appears
    3. Click on any policy that you would like to edit
    4. Click Edit at the top right corner 
      A policy form appears
    5. Edit the details and click Update

    Deleting a Notification Policy

    To delete a notification policy

    1. Navigate to Configurations --> Notifications
    2. Click Policies from the left menu 
      A Policies page appears
    3. Click icon next to policy that you would like to remove
    4. Click Delete from the dropdown list 
      A confirmation message popup appears
    5. Click Yes to proceed 
      A Policy will be removed from the listing page

    Bulk deleting a Notification Policy

    To delete the policies in bulk,

    1. Navigate to Configurations --> Notifications
    2. Click Policies from the left menu 
      A policy page appears
    3. Select the multiple policies that you would like to remove
    4. Click Delete at the top right corner

     

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.