通知ルール

次で利用可能:

Cloud SIEM | Cloud Security Management | Application Security Management

概要

Security notification rules play a key role in keeping your team informed of issues without you having to manually edit notification preferences for individual detection rules. Notification rules can span across multiple detection rules and signals based on parameters such as severities, rule types, rule tags, signal attributes, and signal tags.

Notification Rules

Create notification rules

To create a notification rule, you define the logic for when the notification rule is triggered based on conditions such as severity, detection rule type, tags, and attributes.

As you configure the rule, a preview of issues matching the notification rule conditions appears on the Example of matching issues panel. This can be useful in determining if the notification rule is too specific or broad.

  1. On the Notification Rules page, click New Notification Rule.
  2. Under Source Types, select the detection rule types you want to include in the notification rule.
  3. (Optional) For ASM, select the ASM Vulnerability Management source type, or leave the source type empty and select the Include Application level vulnerabilities checkbox.
  4. Under Rule Criteria, select one or more severity levels.
  5. Specify the tags and attributes that must be present in order for the notification rule to be triggered.
  6. Under Notification Details, specify the recipients you want to notify when the notification rule is triggered. You can notify individuals, teams, create Jira issues, and more. See Notifications for more information.
  7. 通知ルールの名前を入力します。
  8. Save and Activate をクリックします。
Setup of a notification rule

If the notification rule matches the specified conditions, the resulting notification includes details about the matched notification rule in the notification footer.

Manage notification rules

Enable or disable a notification rule

To enable or disable a notification rule, toggle the switch on the notification rule card.

Edit a notification rule

To edit a notification rule, click the notification rule card. After you finish making your changes, click Save and Activate.

Clone a notification rule

To clone a notification rule, click the vertical three-dot menu on the notification rule card and select Clone.

Delete a notification rule

To delete a notification rule, click the vertical three-dot menu on the notification rule card and select Delete.

その他の参考資料

お役に立つドキュメント、リンクや記事:

PREVIEWING: esther/docs-8632-slo-blog-links