Learn to set up real-time email alerts for risky operations and policy actions.
For now, this article applies only to cloud-hosted Safetica.
Information about alerts for Safetica hosted on-premises can be found here.
In this article, you will learn more about:
- What alerts are available
- How to set up email alerts for risky operations
- How to set up email alerts for policy actions
- Alerts and permissions
- How the alerts look like
Introduction: What alerts are available
When setting up alerts in cloud-hosted Safetica, you can choose to be informed about:
- Risky operations: about high-risk, medium-risk, and low-risk operations.
- Policy actions: about every operation that was blocked by Safetica, about which the user was notified, or which the user overrode.
How to set up email alerts for risky operations
You can choose to be informed about every operation that is considered risky by Safetica.
- In Safetica console, go to Alerts > Risky operation alerts.
- Select which risky operations (High risk, Medium risk, or Low risk) you want to be alerted about.
- Click Save.
How to set up email alerts for policy actions
You can choose to be informed about every activity that was blocked by Safetica, overridden by the user, or about which the user was notified.
- In Safetica console, go to Alerts > Policy action alerts.
- Select which policy actions (Notify, Block, or Override) you want to be alerted about.
- Click Save.
Alerts and permissions
For now, alerts are set up for the signed-in account.
Alerts can be set up for accounts who have the User data permission enabled and they reflect the permissions the account has (e.g., which users and teams they can view in the user tree). If the account’s access is limited only to e.g., the Development team, they will only receive alerts related to the Development team.
How the alerts look like
The email alerts look like this:
Click View details in Safetica to be forwarded into the relevant section of Safetica console with active relevant filters.