Using Notification templates
You can configure the notification engine to send pre-defined template-based email to specific users when an event that is related to the template occurs. For example, the PAM server can notify and send a message when a user is added to the system. Sectona provides pre-defined notification rule out of which some can be user configured and some are system configured. Sectona has 18 notification group and each group has different content tags which provided essential information of particular event. Following are the list of Pre-defined templates and Content tags of each notification group
This section covers:
Pre-defined Notification Templates
You can send the standard notifications by Sectona Privileged Access Management, including the auto-generated notifications that are generated by the system or user. The system has pre-defined and out of box notification templates for multiple system changes. Refer to the following table for pre-defined notifications template available in Sectona:
| Sr. No | Configuration | Predefined Notification Rule | Description |
|---|---|---|---|
| 1 | User Configured | Account Created | Sends notification when an account is created |
| 2 | User Configured | Account Group Created | Sends notification when an account group is created |
| 3 | User Configured | Account Group Deleted | Sends notification when an account group is deleted |
| 4 | User Configured | Account Group Modified | Sends notification when some updates are made in an account group |
| 5 | User Configured | Account Password Out Of Sync | Sends notification when the account password is out of sync on PAM and the target asset |
| 6 | User Configured | Account Password Change Failed | Sends notification when account password change procedure has failed |
| 7 | User Configured | Account Password Change Success | Sends notification when the account password has been changed successfully |
| 8 | System Configured | Account Password CheckedOut | Sends notification when the account password has been checked out |
| 9 | System Configured | Analytical Report Exported | Sends notification when an analytical report is exported |
| 10 | System Configured | Application Proxy Master Node Changed | Send notification when there is failover between P1 and P2, Primary and Faillback, Primary and DR |
| 11 | User Configured | Asset Created | Sends notification when an asset is created |
| 12 | User Configured | Asset Not Reachable | Sends notification when an asset is not reachable |
| 13 | User Configured | Collaboration Invitation Created | Sends notification when user sends session collaboration invite to another user |
| 14 | User Configured | Command Executed | Sends notification when the command configured under 'Server Access Policy' is completed |
| 15 | User Configured | Command Execution Confirmed | Sends notification when the user confirms the command that needs to be executed under 'Server Access Policy' |
| 16 | User Configured | Command Execution Denied | Sends notification when the command we have configured to be denied is denied |
| 17 | User Configured | Command Execution Elevated | Sends notification when the command which is part of 'Server Access Policy' is elevated to a privileged user for execution |
| 18 | User Configured | Exclusive Access Assigned | Sends notification when exclusive access is assigned to the user |
| 19 | User Configured | File Deleted | Sends notification when a file is deleted |
| 20 | User Configured | File Transfer Completed | Sends notification when a file is transferred from one machine to another using FTP, SCP or SFTP |
| 21 | User Configured | High Availability Master Server Changed | Sends notification when master for the HA has been changed |
| 22 | User Configured | High Availability Node Added | Sends notification when HA is added |
| 23 | User Configured | High Availability Node Changed | Sends notification when an update is made in HA |
| 24 | User Configured | High Availability Process Started | Sends notification when HA has been started |
| 25 | User Configured | High Availability Process Stopped | Sends notification when HA has been stopped |
| 26 | User Configured | High Availability Server Not Reachable | Sends notification when HA is not reachable |
| 27 | User Configured | High Availability ServerOut Of Sync | Sends notification when HA is not synced with the system |
| 28 | User Configured | Instance Created | Sends notification when an instance is created |
| 29 | User Configured | Instance Modified | Sends notification when an update is made in the instance |
| 30 | User Configured | Login Failed | Sends notification when login has been failed |
| 31 | User Configured | Login Successful | Sends notification when user logs in successfully |
| 32 | System Configured | Maker Checker Request Approved | Sends notification when maker checker request is approved |
| 33 | System Configured | Maker Checker Request Created | Sends notification when maker checker request is created |
| 34 | System Configured | Maker Checker Request Processed | Sends notification when maker checker request has been processed |
| 35 | System Configured | Maker Checker Request Rejected | Sends notification when maker checker request has been rejected |
| 36 | System Configured | Multifactor Authentication Failed | Sends notification when MFA is failed while login |
| 37 | User Configured | Password Checkout Policy Created | Sends notification when password checkout policy is created |
| 38 | User Configured | Password Checkout Policy Modified | Sends notification when an update is made in password checkout policy |
| 39 | System Configured | Password Manager Process Completed | Sends notification when password change job is completed |
| 40 | System Configured | Password Manager Process Started | Sends notification when password change job is initiated |
| 41 | User Configured | Rotation Policy Created | Sends notification when rotation policy is created |
| 42 | User Configured | Rotation Policy Modified | Sends notification when an update is made in a rotation policy |
| 43 | User Configured | Satellite Vault Configuration Changed | Sends notification when satellite vault configuration is changed |
| 44 | User Configured | Satellite Vault Configured | Sends notification when satellite vault is configured |
| 45 | System Configured | Satellite Vault Security Key Received | Sends notification when satellite change job is initiated |
| 46 | System Configured | Scheduled Report Generated | Sends notification when a scheduled report is generated |
| 47 | System Configured | Sectona One Time Password | Sends OTP to user when user logs in to Sectona via through Multifactor Authentication |
| 48 | User Configured | Server Access Policy (Unix) Created | Sends notification when server access policy is created for Unix machine |
| 49 | User Configured | Server Access Policy (Unix) Deleted | Sends notification when server access policy for Unix machine is deleted |
| 50 | User Configured | Server Access Policy (Unix) Modified | Sends notification when an update is made in server access policy of Unix machine |
| 51 | User Configured | Server Access Policy (Windows) Created | Sends notification when server access policy is created for Windows machine |
| 52 | User Configured | Server Access Policy (Windows) Deleted | Sends notification when server access policy for Windows machine is deleted |
| 53 | User Configured | Server Access Policy (Windows) Modified | Sends notification when an update is made in server access policy of Windows machine |
| 54 | User Configured | Session Completed | Sends notification when the session is completed |
| 55 | User Configured | Session Initiated | Sends notification when the session is initiated |
| 56 | User Configured | Session Process Execution Completed | Sends notification when the process is executed in the session |
| 57 | User Configured | Session Process Execution Confirmed | Sends notification when the process execution is confirmed in the session |
| 58 | User Configured | Session Process Execution Denied | Sends notification when the process execution is disallowed in the session |
| 59 | User Configured | Session Proxy Started | Sends notification when the session proxy is started |
| 60 | User Configured | Session Proxy Stopped | Sends notification when the session proxy is stopped |
| 61 | System Configured | Session review request | Sends notification when session review request has been created |
| 62 | User Configured | System Backup Configuration Changed | Sends notification when an update is made in system backup configuration |
| 63 | User Configured | System Backup Configured | Sends notification when system backup is configured |
| 64 | User Configured | System Backup Created | Sends notification when the system backup is created |
| 65 | User Configured | System Health Information | Sends notification when predefined limit is exceeded for system health |
| 66 | User Configured | System License Added | Sends notification when a system license is added in the system |
| 67 | User Configured | System License Expiry Alert | Sends a notification when the system license is about to expire |
| 68 | User Configured | System Log Created | Sends notification when the system log is created |
| 69 | User Configured | User Access Policy Created | Sends notification when an user access policy is created |
| 70 | User Configured | User Access Policy Modified | Sends notification when an update is made in the user access policy |
| 71 | User Configured | User Created | Sends notification when a user is created |
| 72 | User Configured | User Password Reset | Sends notification when an administer resets user password |
| 73 | User Configured | Vault API Registration Created | Sends notification when the vault API registration is created in the system |
| 74 | User Configured | Vault API Registration Deleted | Sends notification when the vault API registration is deleted from the system |
| 75 | User Configured | Vault API Registration Modified | Sends notification when the vault API registration gets updated in the system |
| 76 | System Configured | Workflow Approval Request | Sends notification when workflow approval request is created |
| 77 | System Configured | Workflow Approved | Sends notification when workflow request is approved |
| 78 | System Configured | Workflow Approved (Password) | Sends notification when workflow request for password is created |
| 79 | System Configured | Workflow Rejected | Sends notification when workflow request is rejected |
| 80 | System Configured | Workflow Request Processed | Sends notification when workflow request is processed |
Content Tags of various Notification Groups
Sectona allows users to customize the content of an email with the help of content tags. Content tags are those tags that help in retrieving the appropriate data. To customize the content of an email message locate the Notification template that corresponds to the notification that you want to customize by navigating to the Configuration → Notification Template. Make your customizations to the template as needed. You can see the content tags of a particular template by clicking on the Content Tag(s) button. A list of content-tags will be shown. Copy the tag you wish to add in your email with the help of the description mentioned and save your changes and then close the file.
Below are the lists of all the Notification group’s content tags with its description:
Actions performed under Exclusive Access, Server Access Policy fall under Access Control group. Actions can be Exclusive Access Assigned, Server Access Policy (Unix) Created, Server Access Policy (Unix) Deleted, Server Access Policy (Unix) Modified, Server Access Policy (Windows) Created, Server Access Policy (Windows) Deleted and Server Access Policy (Windows) Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Access Control | |
Content Tags | Description |
|---|---|
%AssetPolicyPolicyName% | Server access policy name |
%AssetPolicyDescription% | Server access policy description |
%AssetPolicyAllowValidTill% | Option to set expiry date of server access policy |
%AssetPolicyValidTill% | Expiry set for server access policy |
%AssetPolicyUnixCommandToBlock% | Unix command to be blocked |
%AssetPolicyUnixCommandToConfirm% | Unix command to be confirmed |
%AssetPolicyUnixCommandToElevate% | Unix command to be elevated |
%AssetPolicyUserGroups% | Server access policy enforced user group |
%AssetPolicyWindowsAppToBlock% | Windows application to be blocked |
%AssetPolicyWindowsAppToConfirm% | Windows application to be confirmed |
%AssetPolicyWindowsAppToElevate% | Windows application to be elevated |
%AssetPolicyType% | Type of policy |
%AssetPolicyExceptionUsers% | Exception Users |
%ExclusiveAccessUserGroupName% | User group selected for exclusive access |
%ExclusiveAccessAccountGroupName% | Account group selected for exclusive access |
%ExclusiveAccessUserLogonName% | User selected for exclusive access |
%ExclusiveAccessAccountName% | Account selected for exclusive access |
%ExclusiveAccessAssetType% | Asset Type of asset selected for exclusive access |
%ExclusiveAccessAssetHostname% | Host name of asset selected for exclusive access |
%ExclusiveAccessDBInstance% | DB Instance of asset selected for exclusive access |
%ExclusiveAccessAccountDomain% | Domain Name of Account selected for exclusive access |
%ExclusiveAccessAssetIPAddress% | IP Address of asset selected for exclusive access |
%ExclusiveAccessAssignedOn% | Exclusive access assigned on |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed under Account and Account Group fall under Accounts group. Actions can be Account Created, Account Group Created, Account Group Deleted and Account Group Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Accounts | |
Content Tags | Description |
|---|---|
%AccountGroupName% | Account Group policy name |
%AccountGroupDescription% | Account group policy description |
%AccountGroupRuleType% | Account group policy rule method |
%AccountGroupAllowValidtill% | Option to set expiry date of account group policy |
%AccountGroupValidTill% | Expiry set for account group policy |
%AccountGroupIsActive% | Account group policy status |
%AccountgroupPolicyAllowEnforceComment% | Option to enforce comment |
%AccountGroupCommentMinLenght% | Minimum length of comment |
%AccountGroupAllowAPIAccess% | Option to allow API access |
%AccountGroupRequireTicketNo% | Option to enforce ticket number |
%AccountName% | Privileged account name |
%AccountDomain% | Domain name associated with the privileged account |
%AccountOwner% | Owner of the privileged account as per the system |
%AccountType% | Type of the privileged account |
%AccountCategory% | Category of privileged account |
%AccountAssetHostName% | Hostname of asset to which account is linked |
%AccountAssetIPAddress% | IP address of asset to which account is linked |
%AccountAssetType% | Type of asset to which asset/account is linked |
%AccountAssetCategory% | Category of asset to which account is linked |
%AccountAssetDatabase% | Database name of asset to which account is linked |
%AccountPasswordChangedBy% | Name of entity who changed account password |
%AccountPasswordChangedOn% | Last account password change date |
%AccountPasswordFailedOn% | Last account password change failure date |
%AccountPasswordFailedDetail% | Last account password change failure details |
%AccountPasswordReqestedBy% | Name of entity who requested account password |
%AccountPasswordReqestedOn% | Last password checkout requested date |
%AccountPasswordStatus% | Current password change status |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed asset management fall under Assets group. Actions can be Asset Created and Asset Not Reachable. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Assets | |
Content Tags | Description |
|---|---|
%AssetCategory% | Category of asset |
%AssetType% | Type of asset |
%AssetHostIP% | IP address of asset |
%AssetHostName% | Hostname of asset |
%AssetLocation% | Location of asset |
%AssetPort% | Port of asset |
%AssetDBInstance% | Database instance of asset |
%AssetOwner% | Owner of asset |
%AssetHostNameWithDBInstanceWithIP% | HostName with DBInstance with IP |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed user session’s fall under Audit group. Actions related to Session Review Requested fall under audit group. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Audit | |
Content Tags | Description |
|---|---|
%UsersSessionSessionID% | User session session ID |
%UsersSessionAccountName% | Account name in user session |
%UsersSessionHostname% | Hostname of user session |
%UsersSessionIPAddress% | IP address of user session |
%UsersSessionAssetType% | Asset type in user session |
%UsersSessionUsername% | Username of user session |
%UsersSessionAssetCategory% | Asset category in user session |
%UsersSessionDuration% | User session duration |
%UsersSessionRiskScore% | Session Risk Score |
%UsersSessionStartTime% | Session Start Time |
%UsersSessionEndTime% | Session End Time |
%UsersSessionReviewState% | Session Review State |
%UsersSessionReviewOn% | Session Reviewed On |
%UsersSessionReviewBy% | Session Reviewed By |
%UsersSessionReviewComment% | Session Review Comment |
%UsersSessionReReviewState% | Session Re-Review State |
%UsersSessionReReviewOn% | Session Re-Reviewed On |
%UsersSessionReReviewBy% | Session Re-Reviewed By |
%UsersSessionReReviewComment% | Session Re-Review Comment |
%UsersSessionAccessType% | Access type in user session |
%UsersSessionTicketNo% | Ticket number used for user session |
%UsersSessionComment% | Session comment |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed Privileged Access Governance fall under Governance group. Actions can be PAGReview Completed, PAGReview Processed and PAGReview Requested. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Governance | |
Content Tags | Description |
|---|---|
%PAG_ReviewName% | Review Name |
%PAG_ReviewTypes% | Type Of Review |
%PAG_Scheduler% | Review Schedule |
%PAG_RecurEvery% | Scheduler Recur value |
%PAG_ValidTill% | Schedule Valid Till |
%PAG_CurrentApprovalLevel% | Current Approver Level |
%PAG_ApprovalLevel% | Next Approver Level |
%PAG_ReviewCreatedOn% | Review Created On |
%PAG_ReviewCreatedBy% | Review Created By |
%PAG_ReviewStatus% | Review Status |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed High Availability fall under this group. Actions can be High Availability Added, High Availability Changed, High Availability Master Changed, High Availability Not Reachable, High Availability Out Of Sync, High Availability Started and High Availability Stopped. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
High Availability | |
Content Tags | Description |
|---|---|
%HA_SystemNodeType% | Type of node |
%HA_Hostname% | Hostname of the server |
%HA_IPAddress% | IP Address of server |
%HA_IPAddressWithPort% | IP Address of primary server with port |
%HA_IPAddressWithPort_Fallback% | IP Address of Fallback server with port |
%HA_IPAddressWithPort_DR% | IP Address of DR server with port |
%HA_Port% | Port user for HA |
%HA_URL% | URL of HA server |
%HA_SystemRoleCurrent% | Current Server type (Primary, Fallback or DR) |
%HA_SystemRoleDefined% | Defined Server type (Primary, Fallback or DR) |
%HA_PriorityCurrent% | Current Priority to do HA |
%HA_PriorityDefined% | Defined Priority to do HA |
%HA_Active% | Configuration is active |
%HA_CreatedBy% | HA Configuration created by |
%HA_CreatedOn% | HA Configuration created on |
%HA_ModifiedBy% | HA Configuration modified by |
%HA_ModifiedOn% | HA Configuration modified on |
%HA_EventDescription% | Event Description |
%HA_CPUUsage% | CPU Usage Of Server |
%HA_MemoryUsage% | Memory Usage Of Server |
%HA_DiskUsage% | Disk Usage Of Server |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions performed Instance fall under this group. Actions can be Instance Created and Instance Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Instances | |
Content Tags | Description |
|---|---|
%InstanceName% | Instance name |
%InstanceShortName% | Instance short name |
%InstanceDescription% | Instance description |
%InstanceTimezone% | Instance time zone |
%InstanceIsActive% | Current instance status |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to System license fall under License group. Actions can be System License Added and System License Alert. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
License | |
Content Tags | Description |
|---|---|
%SystemLicenseAddedBy% | Name of user who added system license |
%SystemLicenseAddedOn% | Date when system license was added |
%SystemLicenseNumberOfUsers% | Number of users that can be created on existing system license |
%SystemLicenseNumberOfAssets% | Number of assets that can be created on existing system license |
%SystemLicenseNumberOfAccounts% | Number of accounts that can be created on existing system license |
%SystemLicenseNumberOfInstance % | Number of instances that can be created on existing system license |
%SystemLicenseSystemID% | System ID of system license |
%SystemLicenseLicenseKey% | License key of system license |
%SystemLicenseDuration% | System license duration |
%SystemLicenseExpiryDate% | System license Expiry Date |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to policies fall under this group. Actions can be Password Checkout Policy Created, Password Checkout Policy Modified, Rotation Policy Created and Rotation Policy Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Policy | |
Content Tags | Description |
|---|---|
%RotationPolicyName% | Password rotation policy name |
%RotationPolicyMethod% | Password rotation policy method |
%RotationPolicyRecurEvery% | Recurring period for password rotation |
%RotationPolicyStartson% | Password rotation policy starting date |
%RotationPolicyFromTime% | Starting time of password rotation |
%RotationPolicyToTime% | Ending time of password rotation |
%RotationPolicyValidTill% | Password rotation policy validity |
%RotationPolicyPasswordPolicy% | Password policy for rotating password |
%RotationPolicyResetFailedPassword% | Option to reset password |
%CheckoutPolicyName% | Password checkout policy name |
%CheckoutPolicyAllowCheckout% | Option to enable password checkout |
%CheckoutPolicyNoApprovalCheckout% | Option to enable password checkout without approval |
%CheckoutPolicyChangePassword% | Option to change password after check in |
%CheckoutPolicyResetFailedPassword% | Option to reset password on the event of password change failure |
%CheckoutPolicyAllowConcurrency% | Option to enable concurrency |
%CheckoutPolicyConcurrency% | Concurrency set for password checkout |
%CheckoutPolicyDefaultDays% | Default days set for password checkout |
%CheckoutPolicyDefaultHours% | Default hours set for password checkout |
%CheckoutPolicyDefaultMinutes% | Default minutes set for password checkout |
%CheckoutPolicyMaxDays% | Maximum days allowed to checkout password |
%CheckoutPolicyMaxHours% | Maximum hours allowed to checkout password |
%CheckoutPolicyMaxMinutes% | Maximum minutes allowed to checkout password |
%CheckoutPolicyDefaultDuration% | Default Duration allowed to checkout password |
%CheckoutPolicyMaxDuration% | Maximum Duration allowed to checkout password |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to proxies fall under Proxy and Landing Server group. Actions can be Session Proxy Started and Session Proxy Stopped. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Proxy and Landing Servers | |
Content Tags | Description |
|---|---|
%SessionProxyName% | Session proxy name |
%SessionProxyType% | Session proxy type |
%SessionProxyHostname% | Session proxy hostname |
%SessionProxyIPAddress% | IP address of session proxy |
%SessionProxyPort% | Session proxy port |
%SessionProxyIsActive% | Current status of session proxy |
%SessionProxyStartedOn% | Session proxy start time |
%SessionProxyStoppedOn% | Session proxy stop time |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to reports fall under Reporting group. Actions can be Analytical Report Exported and Scheduled Report Generated. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Reporting | |
Content Tags | Description |
|---|---|
%CurrentTimestamp% | Current date and time of the system |
%ReportSchedulerReportName% | Name Of the report |
%ReportSchedulerReportCategory% | Category of report |
%ReportSchedulerReportGroup% | Group of report |
%ReportSchedulerScheduledOn% | Report Scheduled On |
%ReportSchedulerScheduledBy% | Report Scheduled By |
%ReportSchedulerUpdatedOn% | Report Scheduler Updated On |
%ReportSchedulerUpdatedBy% | Report Scheduler Updated By |
%Instance% | Instance name in which the configuration is saved or updated |
%CurrentTimestamp% | Current date and time of the system |
%AnalyticalReportName% | Name Of the report |
%AnalyticalReportCategory% | Category of report |
%AnalyticalReportGroup% | Group of report |
%AnalyticalReportExportedOn% | Report Exported On |
%AnalyticalReportExportedBy% | Report Exported By |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to Satellite Vault fall under this group. Actions can be Satellite Vault Configuration Changed and Satellite Vault Configured. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Satellite Vault | |
Content Tags | Description |
|---|---|
%SatelliteVaultRemoteHostname% | Server hostname |
%SatelliteVaultRemotePort% | Server port |
%SatelliteVaultAccessKey% | Public key for communication |
%SatelliteVaultInstances% | Instances to share account password |
%SatelliteVaultAccountGroups% | Accounts from account groups to be shared |
%SatelliteVaultUsers% | Users with whom the password to be shared |
%SatelliteVaultAdminUsers% | Users who has admin privileges |
%SatelliteVaultActive% | Configuration is enable or not |
%SatelliteVaultCreatedBy% | Configuration Created by |
%SatelliteVaultCreatedOn% | Configuration Created on |
%SatelliteVaultChangedBy% | Configuration modified by |
%SatelliteVaultChangedOn% | Configuration modified on |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to user’s logging in to Sectona fall under Security group. Actions can be Login Failed, Login Successful, Multifactor Authentication Failed and Sectona OTP Message. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Security | |
Content Tags | Description |
|---|---|
%UsersLoginFailedSourceIP% | Source IP address of user logged in |
%UserLoginFailedSourceHostname% | Source hostname of user logged in |
%UserLoginFailedSourceUsername% | Source username of user logged in |
%UserLoginFailedTime% | User login time |
%UserLoginFailedLogDetails% | User login log details |
%UserLoginFailedUsername% | Username of user logged in |
%UserLoginFailedFirstname% | Firstname of user logged in |
%UserLoginFailedLastname% | Lastname of user logged in |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%Multifactortype% | Multifactor used by user to login to spectra |
%OTPNo% | OTP number |
%OTPUsername% | Username to send the OTP |
%OTPValidTill% | OTP validation Duration |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related sessions fall under Session Activity group. Actions can Collaboration Invitation Created, Session Completed, Session Initiated, Session Command Execution Completed, Session Command Execution Confirmed, Session Command Execution Denied, Session Command Execution Elevated, Session File Deleted, Session File Transfer Completed, Session Process Execution Completed, Session Process Execution Confirmed and Session Process Execution Denied. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Session Activity | |
Content Tags | Description |
|---|---|
%SharedWithUsername% | Username of session collaborated with |
%SharingComment% | Comment on session collaboration |
%SharingSessionTitle% | Session title of session collaboration |
%SharingURL% | URL of session collaboration |
%SharedByUsername% | Username of session collaboration by |
%UsersSessionSessionID% | User session session ID |
%UsersSessionAccountName% | Account name in user session |
%UsersSessionHostname% | Hostname of user session |
%UsersSessionIPAddress% | IP address of user session |
%UsersSessionAssetType% | Asset type in user session |
%UsersSessionUsername% | Username of user session |
%UsersSessionAssetCategory% | Asset category in user session |
%UsersSessionDuration% | User session duration |
%UsersSessionRiskScore% | Session Risk Score |
%UsersSessionStartTime% | Session Start Time |
%UsersSessionEndTime% | Session End Time |
%UsersSessionReviewState% | Session Review State |
%UsersSessionReviewOn% | Session Reviewed On |
%UsersSessionReviewBy% | Session Reviewed By |
%UsersSessionReviewComment% | Session Review Comment |
%UsersSessionReReviewState% | Session Re-Review State |
%UsersSessionReReviewOn% | Session Re-Reviewed On |
%UsersSessionReReviewBy% | Session Re-Reviewed By |
%UsersSessionReReviewComment% | Session Re-Review Comment |
%UsersSessionAccessType% | Access type in user session |
%UsersSessionTicketNo% | Ticket number used for user session |
%UsersSessionComment% | Session comment |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedOn% | Configuration modified on |
%SessionID% | Session ID of session |
%SessionCommandText% | Command text captured from the session |
%SessionAssetType% | Asset type in the session |
%SessionlogAccountName% | Account name in session log |
%SessionlogHostname% | Hostname in session log |
%SessionUsername% | Name of entity who took the session |
%SessionCommandType% | Type of command captured from the session |
%SessionExecutedOn% | Execution date of session |
%SessionIPAddress% | IP address in the session |
%SessionlogCommandExecutedOn% | Command Executed On |
%SessionCommandSessionID% | Session ID |
%SessionCommandUser% | Username of session |
%SessionCommandAssetType% | Asset type of the asset |
%SessionCommandAccessType% | Access type of the asset |
%SessionCommandHostname% | Hostname of the asset |
%SessionCommandIPAddress% | IP address of the asset |
%SessionCommandAccountName% | Account name of the asset |
%SessionCommandAccountDomain% | Domain name of the account |
%SessionCommandCommandType% | Type of command captured from session |
%SessionCommandCommandText% | Command text captured from session |
%SessionCommandExecutedBy% | Command executed by |
%SessionCommandExecutedOn% | Command executed on |
%SessionID% | Session ID of session |
%SessionCommandText% | Command text captured from the session |
%SessionAssetType% | Asset type in the session |
%SessionlogAccountName% | Account name in session log |
%SessionlogHostname% | Hostname in session log |
%SessionUsername% | Name of entity who took the session |
%SessionCommandType% | Type of command captured from the session |
%SessionExecutedOn% | Execution date of session |
%SessionIPAddress% | IP address in the session |
%SessionlogCommandExecutedOn% | Command Executed On |
%SystemTrailOn% | Last trail captured on |
Actions related to System fall under System group. Actions can be System Backup Configuration Changed, System Backup Configured, System Backup Created, System Health Information and System Log Created. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
System | |
Content Tags | Description |
|---|---|
%SystemLogHostname% | Hostname in system log |
%SystemLogCode% | System log code |
%SystemLogType% | Type of system log |
%SystemLogDate% | Date of system log |
%SystemLogLevel% | System log level |
%SystemLogAccount% | Account name in system log |
%SystemLogDescription% | System log description |
%SystemVirtualDirectoryName% | Virtual Directory of application |
%SystemVirtualDirectoryPath% | Path where the application is hosted |
%SystemBackupCreatedOn% | Date when the backup is created |
%SystemBackupFileNamePrefix% | Backup file prefix |
%SystemBackupFileNameFormat% | Backup filename format |
%SystemBackupLocalDirectory% | Local path to store backup |
%SystemBackupEnableRemoteBackup% | Enable remote backup |
%SystemBackupRemoteDirectory% | Remote path to store backup |
%SystemBackupRemoteBackupUsername% | Username for remote backup |
%SystemBackupRecureDays% | No of days backup should recur |
%SystemBackupTime% | Time to take backup |
%SystemBackupEnabled% | System backup enabled or not |
%SystemBackupFileName% | Name of backup file |
%SystemBackupConfuguredBy% | Backup Configured By |
%SystemBackupConfiguredOn% | Backup Configured On |
%SystemBackupConfugurationChangedBy% | Backup Configuration Changed By |
%SystemBackupConfugurationChangedOn% | Backup Configuration Changed On |
%HA_SystemNodeType% | Type of node |
%HA_Hostname% | Hostname of the server |
%HA_IPAddress% | IP Address of server |
%HA_IPAddressWithPort% | IP Address of primary server with port |
%HA_IPAddressWithPort_Fallback% | IP Address of Fallback server with port |
%HA_IPAddressWithPort_DR% | IP Address of DR server with port |
%HA_Port% | Port user for HA |
%HA_URL% | URL of HA server |
%HA_SystemRoleCurrent% | Current Server type (Primary, Fallback or DR) |
%HA_SystemRoleDefined% | Defined Server type (Primary, Fallback or DR) |
%HA_PriorityCurrent% | Current Priority to do HA |
%HA_PriorityDefined% | Defined Priority to do HA |
%HA_Active% | Configuration is active |
%HA_CreatedBy% | HA Configuration created by |
%HA_CreatedOn% | HA Configuration created on |
%HA_ModifiedBy% | HA Configuration modified by |
%HA_ModifiedOn% | HA Configuration modified on |
%HA_EventDescription% | Event Description |
%HA_CPUUsage% | CPU Usage Of Server |
%HA_MemoryUsage% | Memory Usage Of Server |
%HA_DiskUsage% | Disk Usage Of Server |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to User management fall under Users group. Actions can be sending Security Key File via email, User Created, User Access Policy Created and User Access Policy Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Users | |
Content Tags | Description |
|---|---|
%UserAccessPolicyName% | User access policy name |
%UserAccessPolicySchedulerType% | User access policy scheduler type |
%UserAccessPolicyRecurEvery% | Recurring period for user access policy |
%UserAccessPolicyFromTime% | Starting time of user access policy |
%UserAccessPolicyToTime% | Ending time of user access policy |
%UserAccessPolicyAllowIPSegment% | Option to enable IP segment |
%UserAccessPolicyIPSegment% | IP segments to allow in user access policy |
%UserAccessPolicyVideo% | Option for enabling session recording |
%UserAccessPolicyRecordCommand% | Option for enabling session recording |
%UserAccessPolicyLiveView% | Option for enabling Live view |
%UserAccessPolicySessionTermination% | Option for enabling session termination |
%UserAccessPolicySessionCollaboration% | Option for enabling session collaboration |
%UserAccessPolicyAllowConcurrency% | Option to enable concurrency |
%UserAccessPolicyConcurrency% | Number of concurrent sessions to be allowed |
%UserAccessPolicyMaxDurationDays% | Maximum days that user can access the system |
%UserAccessPolicyMaxDurationHours% | Maximum hours that user can access the system |
%UserAccessPolicyMaxDurationMinutes% | Maximum minutes that user can access the system |
%UserAccessPolicyApplySessionBanner% | Session banner should be applied o not |
%UserAccessPolicySessionBanner% | Session banner applied to every session |
%UserAccessPolicyMFAType% | Multifactor applied to Policy |
%UserAccessPolicyMFAForNewSession% | Enforce MFA For New Session |
%UserAccessPolicyAllowViaJumpServer% | Access via jump server should be allowed or not |
%UserAccessPolicyAllowRDPDirect% | Access via rdp direct file should be allowed or not |
%UserAccessPolicyAdaptiveAuthentication% | Check for Adaptive Authentication |
%UserAccessPolicyMaxSessionDuration% | Maximum session duration |
%UserAccessPolicyConcurrencyValue% | Concurrent session to spectra portal |
%UserAccessPolicyMFATypeValue% | Multifactor applied to Policy |
%UserAccessPolicyIPSegmentValue% | IP segments to allow in user access policy |
%Instance% | Instance name in which the configuration is saved or updated |
%UserLogonName% | User logon name |
%UserFirstName% | First name of user |
%UserLastName% | Last name of user |
%UserEmailID% | User email ID |
%UserMobileNo% | Registered mobile number of user |
%UserExpiresOn% | User logon expiry date |
%UserCompany% | User's company name |
%UserManager% | User's manager name |
%UserActiveDirectory% | Active directory name |
%UserRole% | Role assigned to user |
%UserGroup% | Groups assigned to user |
%UserStatus% | Current user status |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to vault fall under this group. Actions can be Account Password Out Of Sync, Account Password CheckedOut, Account Password Change Failed, Account Password Change Succeeded, Password Manager Process Completed, Password Manager Process Started, Vault API Registration Created, Vault API Registration Deleted and Vault API Registration Modified. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Vault | |
Content Tags | Description |
|---|---|
%VaultAPIDescription% | Vault API description |
%VaultAPIHostname% | Vault API hostname |
%VaultAPIScope% | Vault API scope |
%VaultAPIExpiry% | Vault API expiry status |
%VaultAPIExpiryDate% | Vault API expiry date |
%VaultAPIStatus% | Current vault API status |
%AccountName% | Privileged account name |
%AccountDomain% | Domain name associated with the privileged account |
%AccountOwner% | Owner of the privileged account as per the system |
%AccountType% | Type of the privileged account |
%AccountCategory% | Category of privileged account |
%AccountAssetHostName% | Hostname of asset to which account is linked |
%AccountAssetIPAddress% | IP address of asset to which account is linked |
%AccountAssetType% | Type of asset to which asset/account is linked |
%AccountAssetCategory% | Category of asset to which account is linked |
%AccountAssetDatabase% | Database name of asset to which account is linked |
%AccountPasswordChangedBy% | Name of entity who changed account password |
%AccountPasswordChangedOn% | Last account password change date |
%AccountPasswordFailedOn% | Last account password change failure date |
%AccountPasswordFailedDetail% | Last account password change failure details |
%AccountPasswordReqestedBy% | Name of entity who requested account password |
%AccountPasswordReqestedOn% | Last password checkout requested date |
%AccountPasswordStatus% | Current password change status |
%AccountName% | Privileged account name |
%AccountDomain% | Domain name associated with the privileged account |
%AccountOwner% | Owner of the privileged account as per the system |
%AccountType% | Type of the privileged account |
%AccountCategory% | Category of privileged account |
%AccountAssetHostName% | Hostname of asset to which account is linked |
%AccountAssetIPAddress% | IP address of asset to which account is linked |
%AccountAssetType% | Type of asset to which asset/account is linked |
%AccountAssetCategory% | Category of asset to which account is linked |
%AccountAssetDatabase% | Database name of asset to which account is linked |
%AccountPasswordChangedBy% | Name of entity who changed account password |
%AccountPasswordChangedOn% | Last account password change date |
%AccountPasswordFailedOn% | Last account password change failure date |
%AccountPasswordFailedDetail% | Last account password change failure details |
%AccountPasswordReqestedBy% | Name of entity who requested account password |
%AccountPasswordReqestedOn% | Last password checkout requested date |
%AccountPasswordStatus% | Current password change status |
%NoofAccounts% | Number of accounts for password change |
%NoofAccounts_Failed% | Number of failed password change accounts |
%NoofAccounts_Success% | Number of successful password change accounts |
%NoofAccounts_Skiped% | Number of skipped password change accounts |
%PasswordManagerIsActive% | Current status of password manager |
%PasswordManagerDescription% | Password manager description |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |
Actions related to workflow fall under this group. Actions can be Maker Checker Approved, Maker Checker Created, Maker Checker Processed, Maker Checker Rejected, Workflow Approval Request, Workflow Approved, Workflow Approved Password, Workflow Rejected and Workflow Request Processed. Following are the tags of the group which helps in providing appropriate data to the recipient via email.
Workflow | |
Content Tags | Description |
|---|---|
%WorkflowRequestID% | Workflow request ID |
%WorkflowRequestType% | Workflow request type(password/access) |
%WorkflowRequestDuration% | Workflow request duration |
%WorkflowRequestStartOn% | Workflow request started on |
%WorkflowRequestEndsOn% | Workflow request ends on |
%WorkflowRequestComment% | Comment for workflow request |
%WorkflowRequestTicketNo% | Workflow request ticket number |
%WorkflowRequestAssetCategory% | Asset category of asset for workflow request |
%WorkflowRequestAssetType% | Asset type of asset for workflow request |
%WorkflowRequestHostName% | Hostname of asset for workflow request |
%WorkflowRequestAccount% | Account name of account for workflow request |
%WorkflowRequestURL% | URL for the approval/rejection of the request |
%WorkflowRequestCurrentStatus% | Current status of workflow request |
%WorkflowRequestComment% | Comment for workflow request |
%WorkflowRequestLastComment% | Last comment on the workflow request |
%WorkflowRequestLastCommentBy% | The username of the previous level approver of the workflow request |
%WorkflowRequestLevel% | Workflow request level |
%WorkflowRequestAccessMode% | Access Mode of request |
%Instance% | Instance name in which the configuration is saved or updated |
%CreatedBy% | Configuration created by |
%CreatedOn% | Configuration created on |
%ModifiedBy% | Configuration modified by |
%ModifiedOn% | Configuration modified on |
%SystemTrailOn% | Last trail captured on |
%SystemTrail_Field1% | Generic trail field 1 |