Skip to main content

Hi, we are stumbled upon a use case where when a user is presented with justification reason box for "Policy Violation" they are required to input the reason and this should generate an email notification to our dropbox that will generate a ticket in our ticketing system (connectwise) 

 

However, even though we configured the ticket orchestrator on cloud exchange we are able to get the "alerts" with the help of plugins notifier, netskope ITSM CTO's. This set up is not creating any tickets as you can see from the screenshot attached. 

 

We are looking for a way for the users when they justify the reason to use blocked page, this should generate an email notification to our dropbox. We have tried adding the email to the individual policy email notifications but this does not provide us with user justification reasons.

Do you have a business rule and queue created?  Business rules look at the incoming alerts, apply logic to the alerts, and create tickets based on that logic.  By default tickets are not created on incoming alerts.  

 


@matt-frank We have already set a test business rule and queue created for this use case


@matt-frank After reconfiguring with the suggestion from your end, We reconfigured everything perfectly till Business rule. Somehow I feel we are stuck at queue as after configuring the que the ticket que is not generated 🙂 Any inputs from the specialists are welcome 🙂 

 


Can you share a screenshot of your business rule logic? 


@matt-frank please find attached 😊

 

If you have a sample of the config parameters for the notifier plugin (smtp.office365.com) that's something we can compare to look at it if we got it right 🙂 

 


@hhamza You'll want to change your business rule from Policy to Aert Name.  

 

Semi confusing, but you can see what fields CE map the alert data from the NS tenant by expanding the alert. 

 




@matt-frank Thanks for feedbacks, we have sorted this one out. Our culprit for not receiving the alerts was the Netskope notifier configuration parameters. We are now receiving the alerts for the justification when we changed the SSL to No 😀 (Screenshot 1)

 

However, when the user does not click OK or provide justification, the browser goes auto refresh and we are receiving another alert (duplicate alert) in our que with Justification as N/A - We need to sort this one from 'Netskope Alerts' with AND/OR/NOR Conditions. (Screenshot2)

 


We ran into the same issue when we tried to create a business rule with a user just clicking OK with no justification.  

 

In CE 4.1, there is a workaround to prevent blank justifications to not fire, which is below.  

 

 

1) Create the filter as shown in the below image and click on the "Filter Query" button

 

 

2) Here is the screenshot of the filter query view

 

 

3) Select the keyword "empty" 

 

 

4) Remove the keyword "empty" as shown below and click on the load button.

 

 

5) Finally click on the save button to save the business rule.

 

 

In CE 4.2 (currently in beta), there will be a new filter value for 'Is Empty', which will negate the above workaround.  


Reply