SA Cfg: Templates Overview

Document created by RSA Information Design and Development on Jul 29, 2016Last modified by RSA Information Design and Development on Dec 2, 2016
Version 2Show Document
  • View in full screen mode


This topic provides an overview of the templates that you can configure for various notifications. You configure notification templates in the Administration System view (Administration > System > Notifications > Templates tab).


A notification template defines the format and message fields of the notifications. There are different template types for the notifications you can configure:

  • Audit Logging
  • Event Stream Analysis
  • Event Source Monitoring
  • Health Alarms

You can use the available default templates or you can configure your own templates for Email, SNMP, Syslog, and Script, depending on the template type.

Global audit logging sends audit logs in the format specified in the Audit Logging template. You can use the default audit logging templates or you can define your own audit logging template. For more information on how to define an Audit Logging template, see Define a Template for Global Audit Logging.

Event Stream Analysis (ESA) sends notifications in the format specified in the Event Stream Analysis templates. The default Event Stream Analysis templates for email, SNMP, Syslog, and Script are available on installation. You can customize these templates as well as create new templates which you can use for the notifications. For more information on how to define ESA templates, see Define a Template for ESA Alert Notifications.

When upgrading from Security Analytics 10.4, all existing notification templates migrate to the Event Stream Analysis template type.

You are here
Table of Contents > SA Cfg: Templates Overview