SA Cfg: Configure a Template

Document created by RSA Information Design and Development on Apr 25, 2016Last modified by RSA Information Design and Development on Dec 2, 2016
Version 3Show Document
  • View in full screen mode
 

This topic provides instructions to configure a custom template for notifications. There are four template types: Audit Logging, Event Stream Analysis, Event Source Monitoring, and Health Alarms. You can create templates for email, SNMP, Syslog, and Script, depending on the template type.

Upgrades from Security Analytics 10.4 migrate all existing templates to the Event Stream Analysis template type. 

Define a Template for ESA Alert Notifications provides information on defining a notification template for Event Stream Analysis. "Define a Template for Global Audit Logging" provides instructions on how to define an audit logging template to use for Global Audit Logging.

Procedure

You can use the default templates provided or you can configure your own templates. Follow this procedure to configure your own template. 

  1. In the Security Analytics menu, select Administration > System.
  2. In the options panel, select Global Notifications.
  3. Click the Templates tab.
  4. Click  to configure a template.
  5. In the Define Template dialog, provide the following information:
    1. In the Name field, type the name for the template.
    2. In the Template Type field, select the type of template you want to create. For example, if you are creating a template for global audit logging, select the Audit Logging template type.
    3. In the Description field, type a brief description for the template.
    4. In the Template field, specify the format for the template.
    5. Click Save to save the template.
You are here
Table of Contents > SA Cfg: Configure a Template

Attachments

    Outcomes