Qradar has e-mail template option for event or flow rules, but there is no option for offense rules. This tool provides rich content for new offense generation emails by the Qradar API. It also supports the following features:
-
Colorful table content that can be read easily and quickly to ensure customer satisfaction.
-
Maps email recipients to the domain value of the offense.
-
Adds "risky" prefix to e-mail subject using the magnitude of the offense
-
Useful tooltips and description translation (Turkish in the screenshot)
-
Optional automatic assignment
Qradar offense rule email
Formatted offense rule email with description translation
Formatted offense rule email with risky prefix
Scripts are not official IBM solutions. IBM highlights Modified (YUM) is not supported through all other installations of non-QRadar software modules, RPMs, or Yellowdog Updater. Use at your own risk.