Configure System Notifications
Notice
This feature is available in CTIX v3.5.1.1 and later versions.
You can configure the system notifications of the platform to send timely in-app and email notifications to relevant users about errors related to feed sources, subscribers, rules, and API credentials. The notifications enable the users to take proactive measures and avoid any disruption in the platform.
Configure Feed Sources Report
You can configure email and in-app notifications to send alerts to specific users and user groups on errors related to your STIX, RSS, and API feed sources. You can configure the notification frequency for the following types of alerts:
Connection Failure: To send alerts on any failed connections related to the feed sources you have configured in Administration > Integration Management > Feed Sources.
No Data Received: To send email notifications when a feed source does not return any data.
To configure the notifications for the feed sources report, do the following:
Go to Administration > Configuration > System Notifications.
Go to Feed Sources Report and click Edit.
Turn on the Connection Failure toggle and enter the following details:
In-app Notification: Select this option to send instant app notifications when connection to a feed source fails. By default, this option is enabled.
Email Notification: Select this option and select one of the following frequencies to send email notifications with a report about failed feed source connections. By default, this option is disabled.
Daily: Send an email notification daily at 00:00 hrs UTC.
Weekly: Send an email notification every Sunday at 00:00 hrs UTC.
Users & User Groups: Select the platform users and user groups who will receive the in-app and email notifications. You cannot select read-only users and the read-only user group. By default, the Admin user group is selected.
Turn on the No Data Received toggle and enter the following details:
Email Notification: Select one of the following frequencies to send email notifications with a report about the feed sources that did not return any data. By default, this option is disabled.
Click Save.
Configure Internal Failure Reports
You can configure email and in-app notifications to send alerts to specific users and user groups on errors related to rules and subscribers. You can configure the notification frequency for the following types of reports:
Failed Rules: To send notifications about any failed third-party rules configured within the platform.
Note
Currently, notification for failed rules is supported for the following applications:
Humio
Splunk
Exabeam
Cyware Collaborate
Orchestrate
Cortex-XSOAR
Qradar
ArcSight
Microsoft Sentinel
Subscriber Error: To send notifications about failed polling and inboxing attempts made by the subscribers configured in Administration > Subscriber management. You can also define the frequency of your email notifications.
To configure the notifications for internal failure reports, do the following:
Go to Administration > Configuration > System Notifications.
Go to Internal Failure Reports and click Edit.
Turn on the Failed Rules toggle and enter the following details:
In-app Notification: Select this option to send instant app notifications when a third-party rule fails. By default, this option is enabled.
Email Notification: Select this option and select one of the following frequencies to send email notifications with a report about failed third-party rules. By default, this option is disabled.
Daily: Send an email notification daily at 00:00 hrs UTC.
Weekly: Send an email notification every Sunday at 00:00 hrs UTC.
Users & User Groups: Select the platform users and user groups who will receive the in-app and email notifications. You cannot select read-only users and the read-only user group. By default, the Admin user group is selected.
Turn on the Subscriber Error toggle and enter the following details:
In-app Notification: Select this option to send instant app notifications when a polling or inboxing attempt made by a subscriber fails. By default, this option is enabled.
Email Notification: Select one of the following frequencies to send email notifications with a report about the failed polling or inboxing attempt of subscribers. By default, this option is disabled.
Daily: Send an email notification daily at 00:00 hrs UTC.
Weekly: Send an email notification every Sunday at 00:00 hrs UTC.
Users & User Groups: Select the platform users and user groups who will receive the in-app and email notifications. You cannot select read-only users and the read-only user group. By default, the Admin user group is selected.
Click Save.
Configure API Expiry Report
You can configure email and in-app notifications to receive reminders before your Open API credentials expire. The notifications enable you to avoid disruption of any integration services.
To configure the notifications for the API expiry report, do the following:
Go to Administration > Configuration > System Notifications.
Go to API Expiry Report and click Edit.
Choose any one from the following:
Notify before 30, 15, 7, and 1 day of expiry: The platform sends you email notifications about the expiration of your API credentials before 30, 15, 7, and 1 day to remind you to update or extend your credentials.
Custom: The platform sends you an email notification about the expiration of your API credentials before the number of days you have specified to receive the reminder. For example, to receive an email notification 2 days before the expiration of API credentials, enter 2 as the customs value. You can enter a maximum value of 60 days.
Select the users and user groups from the drop-down to send the notifications.
Click Save.
The platform sends you email and in-app notifications that include the number of days remaining in the expiration of API credentials and a URL to direct you to update the credentials.
If your credentials are expired, the platform sends you a notification with a URL to direct you to update the credentials or create a new set.
Note
While creating a new set of API credentials in Administration > Integration Management > Third-Party Developers > CTIX Integrators, Cyware recommends you enable Notify me before the expiration date to successfully receive notifications before the expiration of the API credentials.