Notifier Plugin for Ticket Orchestrator

Notifier Plugin for Ticket Orchestrator

This document explains how to configure the Notifier integration with the Cloud Ticket Orchestrator module of the Netskope Cloud Exchange platform.

Prerequisites

To complete this configuration, you need:

  • A Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
  • A Netskope Cloud Exchange tenant with the Ticket Orchestrator module already configured.
  • An account in the appropriate Notifier platform(s), like Slack, PagerDuty, etc., and for Gmail, you need access to smtp.gmail.com and its port 465.

Workflow

  1. Configure the Notifier plugin.
  2. Configure Ticket Orchestrator Business Rules for Notifier.
  3. Configure Ticket Orchestrator Queues for Notifier.
  4. Validate the Notifier Plugin.

Click play to watch a video.

 

Notifier for Email (SMTP)

Configure the Notifier Plugin for Email (SMTP)

  1. In Cloud Exchange, go to Settings > Plugins.
  2. Search for and select the Notifier plugin box.
  3. Enter these values:
    • Configuration Name: Unique name for the configuration.
    • Sync Interval: Leave Default.
    • Use System Proxy: Enable if the proxy is required for communication.

  4. Click Next.
  5. Enter these values:
    • Platform Name: Email (SMTP)

  6. Click Next.
  7. Enter these values:
    • To: One or more comma-separated email addresses.
    • From: The from address to use in the email.
    • Host: Host of the SMTP server.
    • Port: Select the port number to use.
    • Username: The username of the SMTP server, if relevant.
    • Password: The password of the SMTP server if relevant. Follow the steps provided in the document to get the password.(https://support.google.com/mail/thread/182882752/application-specific-password-required?hl=en&authuser=3)
    • Tls: Select if TLS is required.
    • SSL: Select if SSL is required.
    • Html: Select if the email should be parsed as an HTML file.
    • Login: Select to trigger the login to the server.

  8. Click Save.

Configure a Ticket Orchestrator Business Rule for Email (SMTP)

  1. In Ticket Orchestrator, go to Business Rules and click Create New Rule.
  2. Enter a rule name, create a filter query for the business rule, and click Save.

Configure a Ticket Orchestrator Queue for Email (SMTP)

  1. In Ticket Orchestrator, go to Queues and click Add Queue Configuration.
  2. Enter these values:
    • Business Rule: Select a Business Rule..
    • Configuration: The Notifier plugin created previously.
    • Queues: For the Email Notifier plugin, it should be a Notification queue.
    • Map Fields: Add/Map appropriate values between alerts and notifications under the Map Field section. Alert’s attributes can be accessed via “$” in the custom message field. For the Email Notifier Plugin, the following three options are available:
      • Message: Message of the email.
      • Subject: Subject of the email.
      • To comma-separated email addresses, a default set to $user field from alerts.

  3. Click Save.
  4. Based on the business rule(s), Notifications for incoming alerts will be sent automatically to the email address. To create notifications for historical alerts, click Sync on the configured queue and enter the Time period (in days), and then click Fetch. This will show the number of alerts that are eligible for sending notifications.
  5. Click Sync to send the notification(s).

Notifier for Gmail

Configure the Notifier Plugin for Gmail

  1. In Cloud Exchange, go to Settings > Plugins.
  2. Search for and select the Notifier plugin box.
  3. Enter these values:
    • Configuration Name: Unique name for the configuration.
    • Sync Interval: Leave Default.
    • Use System Proxy: Enable if proxy is required for communication.

  4. Click Next.
  5. Enter these values:
    • Platform Name: Gmail

  6. Click Next.
  7. Enter these values:
    • To: One or more comma separated email addresses.
    • From: The from address to use in email.
    • Host: Host of the SMTP server.
    • Port: The port number to use.
    • Username: Username, if relevant.
    • Password: Password, if relevant.
    • Tls: Select if TLS is required.
    • Ssl: Select if SSL is required.
    • Html: Select if the email should be parsed as an HTML file.
    • Login: Select to Trigger login to server.


  8. Click Save.

Configure a Ticket Orchestrator Business Rule for Gmail

  1. In Ticket Orchestrator, go to Business Rules and click Create New Rule.
  2. Enter a rule name, create a filter query for the business rule, and click Save.

Configure a Ticket Orchestrator Queue for Gmail

  1. In Ticket Orchestrator, go to Queues and click Add Queue Configuration.
  2. Enter these values:
    • Business Rule: Your Business Rule.
    • Configuration: The Notifier plugin created previously.
    • Queues: For the Gmail Notifier plugin, it should be a “Notification” queue.
    • Map Fields: Add/Map appropriate values between alerts and notification under the Map Field section. Alert’s attributes can be accessed via “$” in the custom message field. For the Gmail Notifier Plugin, the following three options are available:
      • Message: Message of the email
      • Subject: Subject of the email
      • To: Comma separated email addresses, a default set to $user field from alerts.


  3. Click Save.

Notifier for Slack

Get your Slack Webhook URL

  1. To get a slack webhook URL, first sign in to your Slack account and then go to https://api.slack.com/messaging/webhooks and click Create your Slack app. If you already have a Slack application, jump to step 4.
  2. The following dialog will show up. Select From Scratch.
  3. The following dialog will open. Enter the name of your application in App Name and select the workspace in which you want to create the application. Click Create App to continue.
  4. Under Add features and functionality header, click Incoming Webhooks.
  5. Toggle the switch on top right corner (if not already “On”) to activate incoming webhooks in your application.
  6. Click Add new Webhook to Workspace.
  7. Select the channel in which you want your application to post the notifications, and then click Allow.
  8. Click Copy to get the newly generated webhook URL. This will be used while creating the Notifier plugin.
    A screenshot of a computer

Description automatically generated

Configure the Notifier Plugin for Slack

  1. In Cloud Exchange, go to Settings > Plugins.
  2. Search for and select the Notifier plugin box.
  3. Enter these values:
    • Configuration Name: Unique name for the configuration.
    • Sync Interval: Leave Default.
    • Use System Proxy: Enable if proxy is required for communication.

  4. Click Next.
  5. Enter these values:
    • Platform Name: Slack (Webhooks)

  6. Click Next.
  7. Enter these values:
    • Webhook Url: Webhook URL obtained previously.
    • Icon Url: Leave Default.
    • Icon Emoji: Leave Default.
    • Username: Leave Default.
    • Channel: Leave Default.
    • Unfurl Links: Leave Default.

  8. Click Save.

Configure a Ticket Orchestrator Business Rule for Slack

  1. In Ticket Orchestrator, go to Business Rules and click Create New Rule.
  2. Enter a rule name, create a filter query for the business rule, and click Save.

Configure a Ticket Orchestrator Queue for Slack

  1. In Ticket Orchestrator, go to Queues and click Add Queue Configuration.
  2. Enter these values:
    • Business Rule: Your Business Rule.
    • Configuration: The Notifier plugin created previously.
    • Queues: For the Slack Notifier plugin, it should be a Notification queue.
    • Map Fields: Add/Map appropriate values between alerts and notifications under the Map Field section. Alert’s attributes can be accessed via “$” in the custom message field.
    • Click  Add to add more field mappings.

  3. Click Save.
  4. Based on the business rule(s), Notifications for incoming alerts will be sent automatically to the configured Slack channel.
  5. To create notifications for historical alerts, click Sync on the configured queue and enter the Time period (in days), and then click Fetch. This will show the number of alerts that are eligible for sending notifications.
  6. Click Sync to send the notification(s).

Validate the Notifier Plugin

In order to validate the workflow you must have Netskope Alerts.

  1. In Ticket Orchestrator, go to Alerts.
  2. To view the message(s) sent to Slack, navigate to your configured Slack channel, in this case test.
  3. If notifications are not being sent to Slack, you can look at the audit logs in Cloud Exchange
    In Cloud Exchange, go to Logging.
    Look through the logs for errors.
Share this Doc

Notifier Plugin for Ticket Orchestrator

Or copy link

In this topic ...