IBM QRadar SOAR


Notification email format and use of api names of the basic incident description

  • 1.  Notification email format and use of api names of the basic incident description

    Posted Thu November 28, 2019 08:35 AM
    Hi all,
    We would like to apply a smart format to the body message for email notification...
    Actually we are receiving this. Could we use HTML tags, or similar? Any other choice? Markdown, etc.?

    Closed Incident
    The incident 3619 has been closed. Incident details: Incident: 3619 Organization: ${incident.organization} Priority: Date Created: November 26, 2019 17:37:08 UTC Date Closed: November 28, 2019 12:58:55 UTC Category: Description: DEMO-DDOS-004 Analysis: Resolution: ${incident.resolution} Summary: Auto close an incident using condition due to code alert ${incident.min_code}. Incident will be closed without notification. Event details AlertCode: Source IP: BlackListed: ISP: Destination IP: Device Affected: Source Port: Destination Port: Action: Error code: Interface: Account: Attack name: Request: Uri: Virus: Notification: Event time: Log: Please do not response this email. 

    Additionally, as you see, we are getting errors on the value of the APIs that describe incident fields (and these values exist).
    Any workaround?

    Many thanks for the feedback
    Cheers,
    Oscar

    ------------------------------
    Oscar López
    ------------------------------


  • 2.  RE: Notification email format and use of api names of the basic incident description
    Best Answer

    Posted Fri November 29, 2019 04:51 AM
    Hi all,

    I finally confirmed that HTML in the body of the email can be used in Administration Settings and Notifications,
    and I succeeded in creating an email template using substitution values.

    I did not find any reference to using HTML in the body for email notifications in the Resilient IRP System Administrator Guide, v34.

    Cheers,

    ------------------------------
    Oscar López
    ------------------------------



  • 3.  RE: Notification email format and use of api names of the basic incident description

    Posted Mon December 02, 2019 08:23 AM
    You are correct that currently the body of the email is plain text. The work to make the email body support HTML is on the roadmap and should be coming out shortly (please note that I am not in any way describing a date for this feature :)).

    Ben

    ------------------------------
    Ben Lurie
    ------------------------------