Is there any way to include the hostname for alerts received in Slack? They are very valuable to receive on the phone late at night, but would be even better if we had a bit more information: hostname, domain, something that indicates this is a test box... 🙂

Any takers? Is there something we need to tweak, or is this a feature request?

Examples:

Alert Name: Local Analysis Malware
Severity: Medium
Source: XDR Agent
Category: Malware
Action: Detected (Reported)
Description: Suspicious executable detected

Alert Name: Binary file being created to disk with a double extension
Severity: Medium
Source: XDR BIOC
Category: File Type Obfuscation
Action: Detected
Description: File file name = .docx.exe, .xlsx.exe, .pptx.exe, .pdf.exe, .wav.exe, .mp3.exe, .mkv.exe, .avi.exe, .mp4.exe, .gif.exe, .bmp.exe, .png.exe, .jpg.exe, .jpeg.exe, .m4a.exe, .html.exe, .htm.exe, .mht.exe, .d…

I ask because the Email Alerts have this info:

Source:XDR Agent
Category:Malware
Action:Detected (Reported)
Host:MSEDGEWIN10
Starred:No
Excluded:No
Alert:39439
Incident:13