Notification Rules

문서 > Datadog 보안 > Notifications > Notification Rules

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

이용 가능:

Cloud SIEM | Cloud Security Management | Application Security Management

Overview

Notification rules are predefined sets of conditions that automate the process of informing your team about security issues. By using notification rules, you no longer need to manually set up notifications for each individual detection rule. Notification rules can be configured to cover a wide range of scenarios by specifying parameters such as severities, rule types, rule tags, signal attributes, and signal tags.

Create notification rules

To create a notification rule, specify the conditions under which the rule should be triggered. These conditions may include criteria such as severity, detection rule type, tags, and attributes. When an issue matches the defined criteria, the rule automatically sends notifications to the designated recipients.

As you configure the rule, a preview of issues matching the notification rule conditions appears on the Preview of Matching Results panel. This preview helps you determine if your notification rule is too specific or too broad, allowing you to adjust the criteria accordingly for optimal coverage.

On the Notification Rules page, click New Notification Rule.
Enter a Name for the notification rule.
Select the source type for the notification rule:
- Vulnerability: A potential security flaw in your infrastructure.
- Signal: Suspicious activity that poses an active threat against your infrastructure.
Select one or more severity levels.
Specify the tags and attributes that must be present in order for the notification rule to be triggered.
Click Add Recipient.
Specify the recipients you want to notify when the notification rule is triggered. You can notify individuals, teams, create Jira issues, and more. See Notification channels for more information.
Click Save.