Email integration with Incident Response
Integrate Incident Response with any service capable of sending email alerts. Incident Response opens and triggers an alert when it receives an email at the integration email address. Events and alerts from monitoring tools can also be sent as emails, provided that the payload is mapped correctly.
Before you begin
Role required: Responder, Manager, or Administrator
About this task
Watch this video to see the Email integration with Incident Response.
Procedure
What to do next
- Copy the generated email address and paste it in the destination email address field of your application.
- Copy the payload and paste it in the email notification section of your application.
- Modify the payload values so that they are reflected in the alerts.
Note:
- If an incorrect value is provided for severity, then an alert is created with a severity of 4.
- For event_time, any UNIX epoch value is acceptable.
Attachments:
You can attach files in an email integration. File extensions supported in an email attachment are: .zip, .xml, .xls, .txt, .png, .pdf, .p7s, .msg, .log, .jpe, .jpg, .jpeg, .html, .gz, .gif, .eml, .docx, .xlsx, .pptx, .csv, .bmp, .css, .doc, .ppt, .sql, .tgz, .mov, .svg, .wav, .mp3, .mp4, .tar, .gzip, and .rtf. You can send up to 13 MB in attachments in an email.
If a duplicate attachment for the same alert is sent from different emails, the latest attachment is considered.
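A sender-side pre-flight check for the attachment rules above, as an added example that is not part of the product or its documentation. The function names and addresses are hypothetical, and it assumes the 13 MB limit counts raw file bytes with 1 MB = 2**20 bytes and that extensions are matched case-insensitively on the last suffix only.

```python
from email.message import EmailMessage
from pathlib import PurePath

# Extension allow-list and 13 MB cap as stated on this page.
ALLOWED_EXT = frozenset(
    ".zip .xml .xls .txt .png .pdf .p7s .msg .log .jpe .jpg .jpeg .html .gz "
    ".gif .eml .docx .xlsx .pptx .csv .bmp .css .doc .ppt .sql .tgz .mov "
    ".svg .wav .mp3 .mp4 .tar .gzip .rtf".split()
)
MAX_TOTAL_BYTES = 13 * 1024 * 1024  # assumption: raw bytes, 1 MB = 2**20


def check_attachments(files):
    """files: list of (filename, bytes). Returns (accepted, problems)."""
    accepted, problems, total = [], [], 0
    for name, data in files:
        ext = PurePath(name).suffix.lower()  # last suffix only: a.tar.gz -> .gz
        if ext not in ALLOWED_EXT:
            problems.append(f"{name}: extension {ext or '(none)'} not supported")
            continue
        if total + len(data) > MAX_TOTAL_BYTES:
            problems.append(f"{name}: would exceed the 13 MB attachment limit")
            continue
        total += len(data)
        accepted.append((name, data))
    return accepted, problems


def build_alert_email(sender, integration_addr, subject, body, files):
    """Build the message only if every attachment passes the pre-flight check."""
    accepted, problems = check_attachments(files)
    if problems:
        raise ValueError("; ".join(problems))
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, integration_addr, subject
    msg.set_content(body)  # the payload copied from the integration goes here
    for name, data in accepted:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg
```

Failing before the message is sent lets the monitoring job log which file was rejected and why.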