Notification Template

The Notification Template feature allows the admin to create customized email or SMS notifications to be sent out when a scheduled report or alert is generated. Admins can configure a custom message and the recipients list to whom the notification must be sent. These templates can also be shared with other technicians to be used by them while configuring notifications.

The below steps will discuss how this can be executed on Log360UEBA.

Creating notification template:

In the Log360UEBA module, navigate to the "Settings" tab.

• Select "Notification Template" from the Settings dropdown on the left panel.
• This will bring up a list of the already created notification templates. Click "Create Notification Template" to create a new custom notification template.
• You can enter the 'Template Name' as desired and the 'Module' for which this notification template should be applied.
• Choose how you want to be notified; in this case, "Email and SMS."
• Then fill in the email address, subject, and message you want to be displayed in the Email notification. For SMS, enter the phone number and message to be sent out.
• Click Save.
• Administrators can also create copies of notification templates from the list of available templates and share the template with other technicians.

Here are the steps to create a new scheduled report and assign notification template:

• Navigate to Anomaly Reports → Scheduled Reports. This will bring up a list of the already created scheduled reports.
• To create a new scheduled report, click on Create New Scheduler.
• Enter the Schedule Name and a Description.
• Select the specific reports that you wish to schedule. You can choose multiple reports in the same schedule.
• Under Schedule Details, select how often you wish to receive the report, the time-range the report will cover, and the report format. You can also specify a desired storage path for the scheduled reports.
• Under notification details, select if you want to get notified for all reports(A single consolidated report will be generated), each report individually, or no notification at all in the Notification settings dropdown.
• Then Select notification templates from the available list (Email and SMS) for the report being scheduled.
• Click Save to save the scheduled report.

Steps to configure notification templates for alert profiles:

• Navigate to Alerts → Manage profiles. This will bring up the list of already created alert profiles.
• Choose either to edit an existing alert profile or Add Alert Profile if you want to create a new alert profile.
• Enter the alert profile name, severity, alert message, and how you want the alert to be based(Report, Entity, or Risk card).
• Then click the advanced configuration dropdown and select the notification template you want to apply for the alert profile from the available list.
• Click save changes.