cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Customised Alerts Notifications (Templates)

James_Gillies
Brass Contributor

‎May 19 2021 03:16 AM

‎May 19 2021 03:16 AM

Customised Alerts Notifications (Templates)

Hi there,

 

As handy as the existing email alerts are for Defender for Endpoint for Alerts and Vulnerability Notifications, we could really do with having the ability to customise the message body so that where required we can inject some custom data to allow those messages to be parsed correctly by ticketing systems.

 

As they stand for our organisation where we will process different alerts for our customers all the emails will end up in a single queue and not be handled by our ticketing system because we cannot insert a custom field with a value that our parsers will look for.

 

Long term we will look at API level integration but this is even more work, effort and cost to complete. The path to least resistance where we already have a working integration will be to have some ability to insert some plaintext above the existing MS template for the ATP alert emails.

 

For right now this the potential to hamper response efforts.

 

Thanks very much for your consideration.

 

Kind regards,

 

James

967 Views
0 Likes
1 Reply
Reply
1 Reply
Thijs Lecomte

‎May 19 2021 03:27 AM

‎May 19 2021 03:27 AM

Re: Customised Alerts Notifications (Templates)

This will not be an answer to your question, but we use Azure Sentinel for this.
We sync incidents to Sentinel (which is free) and then have Logic Apps running that send emails with custom info
0 Likes
Reply