Incident Email Notification Settings View

The Incident Email Notification Settings view enables you to send email notifications when incidents are created or updated to SOC Managers and the Analysts assigned to the incidents.

Note: The information in this topic applies to NetWitness 11.1 and later.

What do you want to do?

Role I want to ... Show me how
Administrator Configure an email server. Refer to "Configure the Email Settings as Notification Server" in the System Configuration Guide. (To access these settings, click the Email Server Settings link and go to the Servers tab or alternatively go to netwitness_adminicon_25x22.png (Admin) > System > Global Notifications > Servers tab.)
Incident Responders, Analysts, Content Experts, SOC Manager Configure email notifications for when an incident is created or updated. Configure Incident Notification Settings

Go to the NetWitness All Versions Documents page and find NetWitness Platform guides to troubleshoot issues.

Related Topics

Quick Look

To access the incident email notification settings, go to netwitness_configureicon_24x21.png (Configure) > Incident Notifications.
The Incident Email Notification Settings view is displayed.

netwitness_respnotifvw.png

The following table lists the incident email notification settings.

Setting

Description

Email Server

Specifies the Email server that will send the email notifications.
Email Server Settings

Allows you to configure an Email server if the one you want to use for notifications is not listed.

Clicking the Email Server Settings link goes to netwitness_adminicon_25x22.png (Admin) > System > Global Notifications. Configure the email server on the Servers tab. For instructions, refer to "Configure the Email Settings as Notification Server" in the System Configuration Guide.

SOC Manager Email Addresses

Lists the SOC Manager email addresses that receive email notifications when you select Send to SOC Manager in the Notification Types section. You can add and remove email addresses as needed.
Notification Types - Incident Created

Specifies who should receive an email notification when an incident is created.

  • Send to Assignee: When an incident is created, an email is sent to the Analyst assigned to the incident.
  • Send to SOC Manager: When an incident is created, an email is sent to all of the addresses listed in the SOC Manager Email Addresses list.

Notification Types - Incident Updated

Specifies who should receive an email notification when an incident is created.

  • Send to Assignee: When an incident is updated, an email is sent to the Analyst assigned to the incident.
  • Send to SOC Manager: When an incident is updated, an email is sent to all of the addresses listed in the SOC Manager Email Addresses list.

Apply

Applies changes made to the incident notification settings. Changes to these settings take effect immediately.

Note: If user email address information is updated in the netwitness_adminicon_25x22.png (Admin) > Security > Users tab, it can take up to two minutes for the new email changes to take effect. Any incident creation or incident update email notifications sent during this time go to the old email address.