Event Notification - Use Cases
Last Updated: 2025-06-27
Purpose
This article contains use case example on how to configure the Event Notification function in Outscan.
Introduction
The Event Notification - Use Cases illustrates real-world scenarios where alerts can be triggered—such as when new vulnerabilities are detected, scans fail, or existing findings are fixed—and shows how templated notifications can deliver context and urgency around these events. By applying these use cases, you make your notification setup more relevant and actionable, ensuring your team is alerted to only the events that matter most in your security operations.
Built in
High/Medium/Low/Information-risk Findings
Trigger: Finding created
View template: Create view template filtering by the columns CVSS v3 severity and/or CVSS v2 severity with the severity you want to be notified about:
Subject:
{{ finding.cvssV3Severity }} risk found - {{ finding.assetName }}Content:
<div style="margin-bottom: 20px">
Dear user on behalf of Outpost24,
</div>
<div>
The following {{ finding.cvssV3Severity }} risk vulnerabilities were found for {{ finding.assetName|e }} as part of the ongoing {{ finding.source|join(', ') }} service:
</div>
<div style="margin-top: 10px">
<a href="https://outscan.outpost24.com/portal/en/#/findings/{{ finding.id }}/details"><b>{{ finding.name|e }}</b></a>
</div>
<div style="margin-top: 20px">
<div>Best Regards,</div>
<div>Outpost24</div>
</div>
Scan failed
Trigger: Scan done
View template: Create a view template that filters by the status you want to get a notification for
Subject:
Scan done with status {{ scan.status }}Content:
<div style="margin-bottom: 20px">
Dear user on behalf of Outpost24,
</div>
<div>
The scan of <a href="https://outscan.outpost24.com/portal/en/#/scans/{{ scan.id }}">{{ scan.assetIdentifierName|e }}</a> has done with the status {{ scan.status }}:
</div>
<div>
<div style="margin-top: 10px"><strong>Configuration name: </strong>{{ configuration.name|e }}</div>
<div style="margin-top: 10px"><strong>Asset name: </strong>{{ scan.assetIdentifierName|e }}</div>
<div style="margin-top: 10px"><strong>Source: </strong>{{ scan.source }}</div>
</div>
<div style="margin-top: 20px">
<div>Best Regards,</div>
<div>Outpost24</div>
</div>Finding: Exploit Available
Trigger: Finding created
View template: Exploits available: Yes
Subject:
Exploitable vulnerability - {{finding.assetName}}Content:
<div style="margin-bottom: 20px">
Dear user on behalf of Outpost24,
</div>
<div>
The following {{ finding.cvssV3Severity }} risk vulnerabilities were found for {{ finding.assetName|e }} with public exploits:
</div>
<div style="margin-top: 10px">
<a href="<<BASE_URL>>/portal/en/#/findings/{{ finding.id }}/details"><b>{{ finding.name|e }}</b></a>
</div>
<div style="margin-top: 20px">
<div>Best Regards,</div>
<div>Outpost24</div>
</div>Fixed Finding
Trigger: Finding modified
View template: status: FIXED
Subject:
A finding has been fixed: {{ finding.name }}Content:
<div style="margin-bottom: 20px">
Dear user on behalf of Outpost24,
</div>
<div>
The following {{ finding.cvssV3Severity }} risk vulnerabilities has been fixed:
</div>
<div style="margin-top: 10px">
<a href="https://outscan.outpost24.com/portal/en/#/findings/{{ finding.id }}/details"><b>{{ finding.name|e }}</b></a>
</div>
<div style="margin-top: 20px">
<div>Best Regards,</div>
<div>Outpost24</div>
</div>
External
Microsoft Teams
High/Medium/Low/Information-risk Findings
Prerequisites:
Have set up a Microsoft teams workflow and integrated the webhook in Portal. See Webhook Integration with Microsoft Teams [Add link after publish] for the guide how to do so.
Trigger: Finding Created
Integration: The created integration from the Webhook Integration with Microsoft Teams guide.
This JSON content can also be used as a template, paste it in https://adaptivecards.io/designer/
A preview of what the notification card looks like is displayed while making changes to the card.
{
"type": "AdaptiveCard",
"body": [
{
"type": "TextBlock",
"size": "medium",
"weight": "bolder",
"text": "New {{ finding.cvssSeverity | default('Not Set') }} Risk Vulnerability Detected by Outpost24"
},
{
"type": "ColumnSet",
"columns": [
{
"type": "Column",
"items": [
{
"type": "Image",
"style": "Person",
"url": "https://outpost24.com/wp-content/uploads/2023/05/cropped-O24_favicon_512.png",
"size": "Small"
}
],
"width": "auto"
},
{
"type": "Column",
"items": [
{
"type": "TextBlock",
"weight": "Bolder",
"text": "{{ finding.name | default('Not Set') }}",
"wrap": true
},
{
"type": "TextBlock",
"spacing": "None",
"text": "Created {{ finding.firstSeen | default('Not Set') }}",
"isSubtle": true,
"wrap": true
}
],
"width": "stretch"
}
]
},
{
"type": "TextBlock",
"text": "{{ finding.description | default('Not Set') }}",
"wrap": true
},
{
"type": "FactSet",
"facts": [
{
"title": "Asset:",
"value": "{{ asset.name | default('Not Set') }}"
},
{
"title": "CVE:",
"value": "{{ finding.cve | default('No CVE') }}"
},
{
"title": "Likelihood:",
"value": "{{ finding.exploitProbability | default('Not Set') }}"
},
{
"title": "CVSS Score:",
"value": "{{ finding.cvssScore | default('Not Set') }}"
}
]
},
{
"type": "TextBlock",
"text": "Solution",
"weight": "Bolder",
"wrap": true
},
{
"type": "TextBlock",
"text": "{{ finding.solutionTitle | default('Not Set') }} }}",
"wrap": true
}
],
"actions": [
{
"type": "Action.OpenUrl",
"title": "View in Portal",
"url": "https://outscan.outpost24.com/portal/en/#/findings/{{ finding.id }}"
}
],
"$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
"version": "1.3"
}Related Articles
Copyright
© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.