To create an action, go to Responses > Actions > New Action.
Provide required details in the respective sections to create a new action:
- In the Basic Information section, provide a name and description of the action in the Action name and Description fields respectively. Select an action to specify EDR to send alert messages by either Email (Via Qualys)/Send Email (Your SMTP), Post to Slack or Send to Pager Duty. For the selected action, provide default message settings.
- We support these three actions: Send Email (Via Qualys)/Send Email (Your SMTP), Post to Slack and Send to Pager Duty for alerts.
- Select Send Email (Via Qualys)/Send Email (Your SMTP) to receive email alerts. Specify the recipients’ email ID who will receive the alerts, subject of the alert message and the customized alert message. Note that based on the configuration settings you will see either of the two options.
- Select “Send to PagerDuty” to send alerts to your PagerDuty account. Provide the service key that EDR will require to connect to your PagerDuty account. In Default Message Settings, specify the subject and the customized alert message.
- Select “Post to Slack” to post alert messages to your Slack account. Provide the Webhook URI that EDR will use to connect to your slack account to post alert messages. In Default Message Settings, specify the subject of the alert message and the customized alert message.
