Better Email Alert Notifications

Does anybody know of a method to create more detailed subject headers in their email alerts? I’m looking for a way to add more granularity, but this functionality seems to be missing from the InsightIDR portal.

3 Likes

Thanks for the feedback. We don’t see this feature being included in our roadmap in the near future. Could you tell me more about why this feature is important to you? What is the problem that it is causing around your usage of our product? What benefits would you see from having this built?
Thank you.

In scenarios where you’re dealing with multiple environments/customers in a managed service-esque situation, it’d be handy to be able to specify which customer is who in the email subject line. It would also be nice to be able to include the priority/severity in the subject as well.

2 Likes

Hi Regan, if you use Office365 you can rewrite the subject header based on e-mail content. The e-mail contains a link with the guid of the specific deployment, you can use that to trigger the rewrite. But it would definitely be nice to have an option to customize the e-mail template.

1 Like

Hello, is it possible to change the built-in email template somehow? We have multiple DCs with different names and it is hard to read from the mail which DC is meant, for example whether the ingress auth. report comes from dc1 or dc2, and whether we can put more information in the mail directly.

1 Like

I agree that custom email templates would be useful.

We use email alerts to integrate with our ITSM/ticketing system (it’s not Jira or ServiceNow) and the emails that come out of IDR are too generic for us to easily categorise them.

The only one that is different is the email alert for a custom query. They’re really good because the message body includes the log which triggered the alert so we can easily pull values from it to classify and prioritise incidents.

1 Like

In regards to distinguishing customers from email alerts in an MSP environment:
Every email alert features a link to the related investigation. Each link contains the unique ID of the customer.
Example of an investigation link in an email alert:
https://eu.idr.insight.rapid7.com/op/4321BEEF098712340420#/investigations/xx00-yy-zz-aa-bbcc
The part after “/op/” is the GUID of the customer, the part after “/investigations/” is the ID of the investigation in IIDR.

We set our ticketing systems to automatically assign the email/ticket to the correct customer based on the GUID.
This helps to some extent, but having threat type, customer, and some other info like asset, user name in the subject would be very helpful.

Cheers

2 Likes
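The GUID-based routing described in the post above, sketched as an added example (not code from the thread or from Rapid7). The customer mapping, the sample email and the function names are constructed; only the link format comes from the example link. The host check keeps a link on a lookalike domain from assigning a ticket to a customer.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlsplit

# Constructed mapping: GUID from the thread's example link -> hypothetical customer name.
CUSTOMERS = {"4321BEEF098712340420": "Customer A"}
URL_RE = re.compile(r"https://[^\s\"'<>]+")
HOST_SUFFIX = ".idr.insight.rapid7.com"  # host pattern taken from the example link


def parse_investigation_link(url):
    """Return (customer_guid, investigation_id), or None if the URL does not fit."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    # Suffix match on the parsed hostname, so "...rapid7.com.example.org" never routes.
    if parts.scheme != "https" or not host.endswith(HOST_SUFFIX):
        return None
    path = re.fullmatch(r"/op/([0-9A-Za-z]+)/?", parts.path)
    frag = re.fullmatch(r"/investigations/([0-9A-Za-z-]+)", parts.fragment)
    if not path or not frag:
        return None
    return path.group(1), frag.group(1)


def route_alert(raw_email):
    """Build ticket fields for an alert email; unknown GUIDs go to manual triage."""
    msg = message_from_string(raw_email, policy=default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    for url in URL_RE.findall(text):
        parsed = parse_investigation_link(url.rstrip(".,)"))
        if parsed:
            guid, inv = parsed
            customer = CUSTOMERS.get(guid.upper(), "UNASSIGNED")
            return {"customer": customer, "investigation": inv,
                    "subject": f"[{customer}] {msg['Subject']} ({inv})"}
    return None

# Constructed sample alert; only the link format comes from the thread.
SAMPLE = """Subject: New investigation created
Content-Type: text/plain

An alert was triggered. View it here:
https://eu.idr.insight.rapid7.com/op/4321BEEF098712340420#/investigations/xx00-yy-zz-aa-bbcc
"""

if __name__ == "__main__":
    print(route_alert(SAMPLE))
```

The rewritten `subject` field is what a ticketing system or mail rule would use in place of the generic subject line.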