Event Notification - Triggers
Purpose
This document provides users with a detailed list of Triggers for the Event Notifications module in OUTSCAN and HIAB.
Description
When configuring the Event Notification, several Triggers can be selected to tailor the notification. Triggers are automated instructions that respond to specific events by executing predefined actions, enhancing real-time monitoring, response, and overall security posture. They enable proactive notifications and actions, providing real-time insights and reducing the need for manual intervention.
Triggers ensure timely updates and informed decision-making, acting as proactive agents to mitigate potential threats and improve platform resilience.
The available Triggers are:
Events starting with “HIAB” are only available on appliance, while events starting with “Outscan” are not.
Trigger | Description |
|---|---|
Asset created | New asset added |
Asset deleted | Asset removed |
Asset modified | Asset has been modified |
Asset not recently seen | Asset not detected recently |
Comment created | New comment created |
Compliance created | New compliance created |
Compliance modified | Compliance status changed |
Compliance risk exception | Risk associated with compliance marked as exception |
Compliance risk exception expiration | Risk exception for compliance expired |
Configuration created | New configuration added |
Configuration deleted | Configuration removed |
Configuration done | Configuration completed |
Configuration modified | Configuration details changed |
Configuration started | Configuration process initiated |
Consumption absolute | Absolute consumption limit reached |
Consumption relative | Relative consumption limit reached |
Executive summary updated | Notification is sent every time an executive summary is added or updated. Only relevant for managed Asset Groups. |
Finding created | New security finding identified |
Finding modified | Security finding details changed |
Finding risk accepted expiration | Risk acceptance for finding expired |
Finding seen | Triggered when a finding is found in a scan but is already existing. It updates the last seen on the finding and trigger this event. |
Finding status transitioned | A change in the status of a finding. From present to accepted, for example, or fixed. It will trigger from any status to any status. |
HIAB backup done | Backup for HIAB completed |
HIAB backup failed | Backup for HIAB failed |
HIAB disk usage high | High disk usage in HIAB |
HIAB maintenance plan done | Maintenance plan for HIAB completed |
HIAB rebooted | HIAB appliance rebooted |
HIAB remote support | Remote support for HIAB toggled |
HIAB scanner missing | Scanner for HIAB not detected |
HIAB update done | Update for HIAB completed |
HIAB update failed | Update for HIAB failed |
New release notes | New software release notes available |
Outscan consultancy | Consultancy initiated |
Resource group created | New resource group added |
Resource group deleted | Resource group removed |
Resource group modified | Resource group details changed |
Role created | New role added |
Role deleted | Role removed |
Role modified | Role details changed |
Scan done | Scan completed |
Scan started | Scan initiated |
Scan stopped | Scan stopped |
Schedule created | New schedule added |
Schedule deleted | Schedule removed |
Schedule modified | Schedule details changed |
Schedule scheduled | Schedule task initiated |
User created | New user added |
User deleted | User removed |
User login attempt | Attempted user login |
User modified | User details changed |
User password reset | User password reset |
Watched finding updated1 | Watched finding details updated |
Workflow created | New workflow added |
Workflow deleted | Workflow removed |
Workflow done | Workflow completed |
Workflow modified | Workflow details changed |
Workflow started | Workflow process initiated |
1)Watched finding updated
A Watched finding updated trigger setting per user with Notification as the default integration is automatically generated by the system.
A sub-user can always view and manage the content (excluding delete and tag) of their own default notification setting, even without the necessary permissions or resource groups.
However, this exception only applies to the default Watched finding event, meaning this is the only notification setting that the sub-user can view/edit if they are without proper permissions/resource groups.
As a whole, the Watched finding updated trigger setting, when created, is always bound to the user who created it, in other words, even the main user is unable to create a setting with trigger type Watched finding updated for a sub-user.
Related Articles
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.