BrianMorris 14 Posted January 20, 2022 Share Posted January 20, 2022 For me, the more important part of the infection/alert notification emails is URI (Uniform Resource Identifier), but I can't find a way to add it. When I get an email notification, I can add all the other fields that I need EXCEPT URI. Link to comment Share on other sites More sharing options...
VlP 0 Posted April 12, 2022 Share Posted April 12, 2022 Hi. Yes, same problem here. Without URI identificator are notifications useless... VP Link to comment Share on other sites More sharing options...
BrianMorris 14 Posted April 12, 2022 Author Share Posted April 12, 2022 2 hours ago, VlP said: Without URI identificator are notifications useless... Yes! I feed these alerts into my ticketing system, but it misses this key piece of info 🙁 Link to comment Share on other sites More sharing options...
Ufoto 13 Posted June 14, 2022 Share Posted June 14, 2022 Is there any information whether ESET is considering to add this variable to the Notifications email body at some point? Link to comment Share on other sites More sharing options...
ESET Staff igi008 18 Posted June 23, 2022 ESET Staff Share Posted June 23, 2022 On 6/14/2022 at 11:32 AM, Ufoto said: Is there any information whether ESET is considering to add this variable to the Notifications email body at some point? Hello, many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution. Link to comment Share on other sites More sharing options...
Ufoto 13 Posted June 23, 2022 Share Posted June 23, 2022 28 minutes ago, igi008 said: Hello, many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution. Hi Igi, Thank you for your response. Yes, indeed that's a valid point. I had my malware summary reports stripped several times because they contained malicious links accessed by endpoints. Maybe it will be worth adding an extra rule as a temporary measure which allows the notifications to send URI information only if it is a file path rather than URL. This should be easy to achieve using regex until you come up with a proper solution such as to separate network-related URI into a separate property which is not available for reporting. Link to comment Share on other sites More sharing options...
BrianMorris 14 Posted June 28, 2022 Author Share Posted June 28, 2022 On 6/23/2022 at 4:07 AM, igi008 said: Hello, many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution. Valid point. You could address this by changing the HTTP to HXXP for the purposes of these notification emails. Ufoto 1 Link to comment Share on other sites More sharing options...
Recommended Posts