Email alerts enhancement with more info

(Alex) #1

Is there a feature request to enhance email alerts with more information?
As of now the info is too generic
Below is the example
Event Name: Policy Violation
Frequency: 288 in 5 minutes

Severity: Critical
Who: Entire Organization
When: Fri Jul 27 12:45:00 2018 GMT

(Mike) #2

We submitted one a long time ago but I’m not sure how you would properly implement this. The problem is that that there may be multiple events triggering your alert. For example, in your message, what if multiple users had policy violations and each user hit several different sites within that time period. It could quickly get out of hand.
I think there might also be some privacy concerns if the alert contained user names or other sensitive information.
We ultimately implemented the NSS and have logs coming to our SIEM which is generating more detailed alerts. I do think it would be nice to possibly have the alert contain a link to display the relevant transactions logs in the admin portal.

(Alex) #3

We just looking to post the emails into a slack channel, which we use to escalate into internal Atlassian JIRA ticketing system. We don’t have an option for our syslog to submit a ticket. A lot better with Slack channel. Thanks,

(Scott Bullock) #4

Hi Alex,
ER’s for such functionality do exist, specific use-cases are being taken on board. As for most ER discussions, please reach out to your CSM (or via Support) with your use-cases and we can take your use-case into consideration for the ER.

Thanks for the ideas!



(Alex) #5

Since customers don’t have any visibility and an option to up vote on the features.
Could you share FRE numbers for the other use cases? Thanks,

(Scott Bullock) #6

Hi Alex,
Our Customer Success and Support teams are your means to upvote, think of them as your brokers for voting on ER’s, they can also supply the relevant ER identifiers to you.

If you have not yet met please DM me your organisational info and I will setup the needed introduction.



(Alex) #7

Hi Scott,
Thank you for your message. We don’t have a customer success manager assigned to my org yet as I learned from ZenithLive only larger organization have CSM assigned at this point.
The reason why I’m posting this into the community channel is other options to submit FRE’s don’t function as you would expect. This is from my perspective and other customer might have a different experience.