Versions Compared

Old Version 1

changes.mady.by.user Andrew Grealy

Saved on

compared with

New Version 2

changes.mady.by.user Andrew Grealy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A notification group An Email Domain can be thought of as a group of filters under an easy-to-understand name. This notification group name can be however you want to split up your organization, sometimes you may want the notification group to be based on a department, such as Network Department, some areas it might make sense to be functional like Payment processing, you might want to make it product-focused like Line of Business (LoB) application. They can overlap, it’s just a naming, nothing restricts you to have non-overlapping filters and such. If you are SQL inclined, from an entity-relationship model, a notification group has 1 or more filters.

An example

For example, you might want to have a notification group for the network team. The network team has lots of different products, and they need to go to different support teams and such.

In this example, you would create a Notification Group called “Network Team”, and say they have Cisco products that they support internally and Palo Alto Network products that external group support. Internally, they use Slack and externally they use email.

Then add filters for the different products and such.

Such as these filters:

Code Block
languagepy
Filter 1, "Internal Network Team": vendor=”cisco”

with delivery to their Slack Channel “cisco_support”

Code Block
languagepy
Filter 2, "External Network Team": vendor.str.startswith(”palo”)

with delivery as email to an external network support team email, example_support@somenetworksupportcompany.com.

Info

Some important considerations

When should I have a separate filter? For a few different reasons:

  1. That you want to send different results to different groups, that is your filter needs to use a different delivery mechanism, then have a separate filter for each;

  2. You have different groups that would want to change their filter, to reduce breaking other people’s filters, we suggest giving them their own filter to change; and

  3. That you exceed over 4K characters for the filter. Break it up into smaller filters.

  4. FIlters can overlap, you could have the filter repeated, going to different delivery locations - email, slack, webhook, etc.

Some useful links:one or more email domains associated with a company. Email Domains for companies cannot be email domains that are usually associated with private emails such as gmail.com and the like. Email Domains should not be used for partners, this is separate, Email Domains are the company’s email domains and not partners. Partners are different pricing.

Info

Some important considerations

Email Domain is the domain name of the email not including the @, so fred@bank.com, the email domain would be “bank.com”.

How does a new user who registers becomes a part of the company?

  • If a user registers in with one of the Company’s Email Domains, then they are automatically added to the company with the user role

Some useful links:

  • How to register users - two ways, by register or create user

  • To rock your filters like a Zen Master, go here.

...

Email Domain API

Please refer to swagger.ctci.ai for more details.

...

Email Domains within the CTCI Portal

Select the menu option, Notification Group.

...

Figure 1, Notification Group Email Domain Menu Option

The Notification Group Email Domain icon is a bell icon. If you haven’t added a Notification Group your page should look something like this, a message saying No Notification Groups yet, and a button to create a Notification Group. Please see the figure below:

...

Figure 2, Notification Group Create Page

The Notification Group mail envelope icon. An Email Domain is usually set up by CTCI, OEM, and/or a Reseller. In this list view you can click on the envelope with a plus to create a new Email Domain.

The Email Domain Create page below, has a number of fields.

...

Figure 3, Create a new Notification GroupEmail Domain

The Id is the internal reference to this notification group. The Save button is self-explanatory, the back button goes back to the list of Notification GroupsEmail Domains.

Field Name

Details

Id

Ignore - internal reference

Notifcation Group Name

This is required, and is the name you would like to give to the Notification Group.

Enabled

Whether this Notification Group is Enabled, it’s disabled by defaultCompany Name

You can leave this as empty and it will take your current company, if you are managing a lot of Partner companies, then you can set it to one of these companies.

Email Domain

This is the email domain, it is just the domain and not with a @ symbol, so fred@bank.com the email domain would be bank.com.

Note

This is a multi-line field, that you can leave a note for someone about this Notification GroupEmail Domain. Putting who to contact, who owns this Notification Group Email Domain and other details could really help other people and new hires.

Notification Group Expiry

Future feature: To be able to expire this Notifcation Group after a certain amount of time has expired

Company Name

This will be your Company Name by default, if you don’t set it. If you manage Partners or other companies you can select where this Notification Group get’s created.

Notification Group Permissions

Future - this will allow you to have different people editing this Notification Group.

Default Sending Values

Default Notification Group Email

If filters don’t have anything set, they will use this email.Default Send per Item

This for whether you want a new email/JIRA Ticket/Slack/Teams/etc entry per new CVE or have them bundled into one entry. Some companies want a new Jira Ticket per entry and some want the other way. With our method you can do which ever way works for your organization.

Notification Schedule

Future - instead of sending the notification the instant we add it to list, you can set it to some other time schedule

Default Notification Delivery

If a filter doesn’t have a Notification Delivery sent, then it defaults, to this, otherwise defaults to Default Notification Group Email

How to Edit a Notification Group

...

Click on one of the entries.

...

Figure 4, Select a Notification an Email Domain Group to Show / or Edit

The next page shown will be the show page, it shows all the details, to Edit, you must select the edit page. The reason we do this is if people have the audit role, they can only show and not edit, and by default, once the filter is set, it should be mainly viewing it then editing it, this will reduce accident changes. Image Removed

...

Figure 5, Edit a Notification Group

The Notification Delivery will have a dropdown where once you have created Notification Deliveries you can make them the default for your Notification Group.

...

an Email Domain

Email Domain is required to enter.

Delete an Email Domain

Two ways to do it, within the edit page, see the icon above in Figure 5, Choosing to Notification Groupan Email Domain, and in list view, select the checkbox and scroll all the way right and you will see a Delete icon. See Figure 6 below.

...

Figure 6, Deleting A Notification Groupan Email Domain