Notifications

You can send email, Slack and Microsoft Teams notifications when the system generates an incident with a specified priority.

To send notifications for Infinity XDR/XPR incidents:

1. Log in to the Infinity XDR Extended Detection & Response/XPR Extended Prevention & Response Administrator Portal.

2. Go to Settings > Notifications.

3. Enable the toggle button.

4. In the Trigger section:

   

   1. Select the priority level to trigger notifications. The system sends a notification when a generated incident matches the selected priority level.

   2. To send notifications only for incidents that were not prevented, select the Only when not prevented checkbox. If not selected, the system sends notifications for all incidents that match the selected priority level.

5. In the Content section, choose if you want to include tenant name in email notifications.

   

   Select one of these:

   • None - No prefix is added.

   • Predefined tenant name - Adds the Infinity Portal tenant name as a prefix.

   • Custom - Adds a custom tenant name as a prefix.

     Enter a name in the Tenant name field.

     

   The tenant name appears as a prefix in the email Subject. Adding the tenant name helps to easily identify the account associated with the generated incident.

   

6. Click Save Changes.

Sending Email Notifications

1. Enable the Email toggle button.

2. Enter the email addresses of users and/or distribution lists.

3. To view how the email subject and body appears, click Preview Email.

4. Click Save Changes.

Sending Slack Notifications

1. Enable the Slack toggle button.

2. Click Edit.

   Slack Channels pop-up appears.

3. Enter the Channel name and its URL.

   To add multiple channels, click Add Channel and enter the Channel name and its URL.

4. Click Save.

5. To view how the Slack notification appears, click Preview Message.

6. Click Save Changes.

Sending Microsoft Teams Notifications

1. Create a workflow in Microsoft Teams:

   Note - As a prerequisite, create a team and channel in Microsoft Teams to receive notifications.

   1. Open Microsoft Teams and click + Apps.

   2. Expand Workflows and click Notifications.

      

   3. Select the Post to a channel when a webhook request is received workflow.

      

      The workflow window appears.

      

   4. In the Name field, enter a name for your workflow.

   5. Click and select your Microsoft Teams account.

   6. Click Next.

      The workflow Details window appears.

      

   7. From the Microsoft Teams Team list, select your team.

   8. From the Microsoft Teams Channel list, select your channel.

   9. Click Add workflow.

      The system creates the workflow.

   10. Copy the workflow link and click Manage your workflow.

       

       The Home tab in the Workflows page appears.

   11. Click Edit.

       

   12. Click Send each adaptive card > Post card in a chat or channel.

       

   13. From the Post as list, select User.

       

   14. In the Adaptive Card field, select content.

   15. Click Save.

2. In the Infinity XDR/XPR Administrator Portal, go to Settings > Notifications and enable the Microsoft Teams toggle button.

3. Click Edit.

   Teams Channels window appears.

   

4. Enter the Channel name and in the URL field, paste the workflow URL copied in step 1.j.

5. Click Save.

6. To view how the Microsoft Teams notification appears, click Preview message.

7. Click Save Changes.

Testing the Notifications

To test the configured email, Slack, and Microsoft Teams notifications:

1. Click Settings > Notifications.

2. Click Send Test.

3. In the Test Platforms section, select the platforms you need to test (Email, Slack, Teams).

4. In the Test section, select the users.

   • To send the notifications to all the configured email addresses or channels, click All recipients.

   • To send the notifications to specific users or channels, click Specific and enter the required Recipients.

5. Click Send.