Notification Templates

Email notification templates can be configured to automatically trigger alerts when a policy breach occurs. These notifications can be sent to the involved employee, their manager, or other relevant stakeholders, depending on the use case.

A notification template can be assigned to one or more rules, each with its own conditions. There are two primary ways to configure rules to use a notification template:

  1. Violation Match Count: As an administrator, you can specify which notification template should be triggered based on the number of violation matches.
  2. User Activity Monitoring Settings: You can also assign a notification template based on the RAP settings in the rule, allowing notifications to reflect specific risk levels.

Notification templates can include dynamic content such as alert data, user information, and other contextual details.

Complete the following steps to add a email notification template:

Steps

  1. Navigate to Policy section, and click Policy Elements button:
  2. On the next screen, navigate to Resources section and click on Notification Templates.
  3. On the next screen, click the plus icon to open the template editor:
  4. On the template editor screen, enter following details:
    1. Enter a name that will be used to store the template and provide a description:
    2. General
      • Enter the Sender name that appears in the email From field when notifications are sent. The maximum length is 1024 characters.
      • Enter the Sender email address: the email address of the person from whom notifications should be sent. The maximum length is 1024 characters.
      • Enter a Subject for the notification. This appears in the email Subject: line. The maximum length is 4000 characters. Click the right arrow to select variables to include in the subject, such as “This is to notify you that your message was %Action% because it breached corporate policy.”
      • Define one or more Recipients for the notification.
      • Select Additional email addresses, then click the right arrow to select a dynamic recipient that varies according to the incident. For example, you can choose to send the notification to the policy owners, administrators, source, or source’s manager. Select the variable that applies, such as %Policy Owners%. Separate multiple addresses with commas.
    3. Notification body
      • Select a display format from the Display as checkbox: HTML or plain text.
      • Select Message to user, then update the text as needed. The result is displayed in the email body. Click the right-arrow icon to see a list of variables that may be included in the message.
      • Select Incident details to include incident details in the notification message.
    4. Click Save. Once the template is saved, it will be listed under available templates. You can attach a notification template to a rule from the Action section of the policy rule editor. An example is shown below:
      You can also attach a email notification template in the Risk-Adaptive Protection section of the rule editor as shown in the example below:

      When a policy breach happens, the email notification is sent using selected template. An example mail is shown below: