Configuring notification settings enables notification mechanism for various operations performed during the Incident Management workflow.
To configure notification settings:
- In the Security Analytics menu, select Incidents > Configure.
The Notifications Settings view is displayed.
Provide the following information to configure various notification settings.
Parameter Description Email Server
Select the Email server address from the drop-down list to be configured to send out mail notification when the notification settings are enabled.
If there is no email server address configured you will not see an email server listed in the drop-down list. You have to configure an email server before you can proceed with this procedure. You can configure the email server by clicking Configure email or distribution list and providing the required details. Refer to the Configure Email Server and Notification Account in the System Configuration guide on how to configure an email server.
SOC Managers Type the SOC Manager email addresses to which a notification mail is sent for the selected operations. Incident Assignee? Select if you want a mail notification to be sent, to whom the incident is assigned, for the corresponding workflow whenever an incident is assigned. SOC Manager? Select if you want a mail notification to be sent to the group of SOC managers for the corresponding workflow. This corresponds to the manager email addresses provided under SOC Managers. Additional Addresses Type in additional addresses to which you want mail notifications to be sent for the corresponding workflow.
- (Optional) In the Template column, click to modify the template for any workflow.
- Click Apply to save the Notification settings.