Versions Compared

Old Version 11

changes.mady.by.user Andrew Grealy

Saved on

compared with

New Version 12

changes.mady.by.user Andrew Grealy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A notification group can be thought of as a group of filters under an easy-to-understand name. This notification group name can be; however you want to split up your organization, sometimes you may want the notification group to be based on a department, such as Network Department, some areas it might make sense to be functional like Payment processing, you might want to make it product-focused like Line of Business (LoB) application. They can overlap, it’s . It’s just a naming, ; nothing restricts you to have from having non-overlapping filters and such. If you are SQL inclined, from an entity-relationship model, a notification group has 1 or more filters from an entity-relationship model.

An example

For example, you might want to have a notification group for the network team. The network team has lots of many different products, and they need to go to different support teams and such.

In this example, you would create a Notification Group called “Network Team” , and say they have Cisco products that they support internally and Palo Alto Network products that external group support. Internally, they use Slack, and externally they use email.

...

with delivery to their Slack Channel “cisco_support”support.”

Code Block
languagepy
Filter 2, "External Network Team": vendor.str.startswith(”palo”)

...

Info

Some important considerations

When should I have a separate filter? For a few different reasons:

  1. That you want to send different results to different groups, that is, your filter needs to use a different delivery mechanism, then have a separate filter for each;

  2. You have different groups that would want to change their filter, to reduce breaking other people’s filters, we suggest giving them their own filter to change; and

  3. That you exceed over 4K characters for the filter. Break it up into smaller filters.

  4. FIlters can overlap, you . You could have the filter repeated, going to different delivery locations - email, slack, webhook, etc.

...

Notification Groups within the CTCI Portal

Select the menu option , Notification Group.

...

Figure 1, Notification Group Menu Option

The Notification Group icon is a bell icon. If you haven’t added a Notification Group, your page should look something like this, a message saying No Notification Groups yet, and a button to create a Notification Group. Please see the figure below:

...

The Notification Group Create page below , has a number of several fields.

...

Figure 3, Create a new Notification Group.

The Id is the internal reference to this notification group. The Save button is self-explanatory, the . The back button goes back to the list of Notification Groups.

Field Name

Details

Id

Ignore - internal reference

Notifcation Notification Group Name

This is required , and is the name you would like to give to the Notification Group.

Enabled

Whether this Notification Group is Enabled, it’s disabled by default.

Note

This is a multi-line field , that you can leave a note for someone about this Notification Group. Putting who to contact, who owns this Notification Group, and other details could really help other people and new hires.

Notification Group Expiry

Future feature: To be able to expire this Notifcation Notification Group after a certain amount of time has expired.

Company Name

This will be your Company Name by default , if you don’t set it. If you manage Partners or other companies, you can select where this Notification Group get’s gets created.

Notification Group Permissions

Future - this will allow you to have different people editing this Notification Group.

Default Sending Values

Default Notification Group Email

If filters don’t have anything set, they will use this email.

Default Send per Item

This for whether you want a new email/JIRA Ticket/Slack/Teams/etc entry . Entry per new CVE or have them bundled into one entry. Some companies want a new Jira Ticket per entry, and some want the other way. With our method, you can do which ever whichever way works for your organization.

Notification Schedule

Future - instead of sending the notification the instant we add it to the list, you can set it to some other time schedule.

Default Notification Delivery

If a filter doesn’t have a Notification Delivery sent, then it defaults , to this. Otherwise, otherwise it defaults to Default Notification Group Email.

How to Edit a Notification Group

...

The next page shown will be the show page, it . It shows all the details, to . To Edit, you must select the edit page. The reason we We do this is because if people have the audit role, they can only show and not edit, and by default, once the filter is set, it should be mainly viewing it then editing it, this . This will reduce accident changes.

...

The Notification Delivery will have a dropdown where once you have created Notification Deliveries, you can make them the default for your Notification Group.

Delete a Notification Group

Two ways to do it, within . Within the edit page, see the icon above in Figure 5, Choosing to Notification Group, and in list view, select the checkbox and scroll all the way right, and you will see a Delete icon. See Figure 6 below.

...