Jump to content

Feature request! Allow URI to be added to Notification emails

BrianMorris

By BrianMorris
in ESET PROTECT Cloud

 Share

Recommended Posts

BrianMorris

BrianMorris 14

Posted
Posted

For me, the more important part of the infection/alert notification emails is URI (Uniform Resource Identifier), but I can't find a way to add it. When I get an email notification, I can add all the other fields that I need EXCEPT URI. 

Screenshot 2022-01-20 084703.png

Screenshot 2022-01-20 084827.png

Link to comment
Share on other sites
  • 2 months later...
BrianMorris

BrianMorris 14

Posted
  • Author
Posted
2 hours ago, VlP said:

Without URI identificator are notifications useless...

Yes! I feed these alerts into my ticketing system, but it misses this key piece of info 🙁

Link to comment
Share on other sites
  • 2 months later...
Ufoto

Ufoto 13

Posted
Posted

Is there any information whether ESET is considering to add this variable to the Notifications email body at some point? 

Link to comment
Share on other sites
  • 2 weeks later...
  • ESET Staff
igi008

igi008 18

Posted
  • ESET Staff
Posted
On 6/14/2022 at 11:32 AM, Ufoto said:

Is there any information whether ESET is considering to add this variable to the Notifications email body at some point? 

Hello,
many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution.

Link to comment
Share on other sites
Ufoto

Ufoto 13

Posted
Posted
28 minutes ago, igi008 said:

Hello,
many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution.

Hi Igi,

Thank you for your response. Yes, indeed that's a valid point. I had my malware summary reports stripped several times because they contained malicious links accessed by endpoints. Maybe it will be worth adding an extra rule as a temporary measure which allows the notifications to send URI information only if it is a file path rather than URL. This should be easy to achieve using regex until you come up with a proper solution such as to separate network-related URI into a separate property which is not available for reporting.

Link to comment
Share on other sites
BrianMorris

BrianMorris 14

Posted
  • Author
Posted
On 6/23/2022 at 4:07 AM, igi008 said:

Hello,
many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution.

Valid point. You could address this by changing the HTTP to HXXP for the purposes of these notification emails.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...