Create a detection catalog notification rule
Create a notification rule if you want to receive a notification when new detections become active on your ExtraHop system.
When a detection type status in the detection catalog is
set to Active, a notification is sent with information about the detection including the
detection type and detection status. The notification will also include the dates that
the detection was released and last updated if those dates are available.
Before you begin
- Users must be granted NDR or NPM module access and have full-write privileges or higher to complete the tasks in this guide.
- The ExtraHop system must be connected to ExtraHop Cloud Services to send notifications through email.
- Email notifications are sent from no-reply@notify.extrahop.com. Make sure to add this address to your list of allowed senders.
- Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
- Click the System Settings icon and then click Notification Rules.
- Click Create.
-
Click one of the following options:
- For NDR modules, select Security Detection Catalog.
- For NPM modules, select Performance Detection Catalog.
- Type a unique name for the notification rule in the Name field.
- In the Description field, add information about the notification rule.
- Specify individual email addresses, separated by a comma.
- In the Options section, the Enable notification rule checkbox is enabled by default. Deselect the checkbox to disable the notification rule.
- Click Save.
Thank you for your feedback. Can we contact you to ask follow up questions?