A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.
Which alert rule configuration meets this requirement?
To receive daily email alerts for all policy violations, the SOC team should configure an alert rule that encompasses all policies and sets the notification frequency to once per day. This can be achieved by:
Navigating to the ''Policies'' tab within the alert rule configuration and selecting ''All Policies'' to ensure that the rule applies to every policy.
Moving to the ''Set Alert Notifications'' tab and choosing the ''Email'' notification method.
Setting the notification to ''Recurring'' with a frequency of every 1 day.
Enabling the email notification by specifying the recipient's email address.
This configuration ensures that the SOC team will receive a consolidated email once a day that includes information on all policies that have been violated, rather than receiving multiple alerts throughout the day as new violations occur. It allows the team to review the compliance status efficiently and prioritize their response accordingly.
Mary
2 months agoJaney
1 months agoAlaine
1 months agoLucia
1 months agoCherry
2 months agoDetra
3 months agoTawanna
3 months agoCarmelina
2 months agoKyoko
2 months agoAn
2 months agoMari
3 months agoJesusita
3 months agoSolange
3 months agoHildred
1 months agoJerry
1 months agoLaticia
2 months agoNikita
2 months agoMarge
3 months agoVirgina
3 months ago