Nebula can notify you when certain events occur, such as when real-time protection or scheduled scans detect threats, or if a new endpoint registers to your console. Use the Notifications settings to choose which notifications you want to receive. This article explains how to configure email, webhook, and Slack notifications in Nebula.
For Slack notifications, you must enable this feature. See Nebula integration with Slack guide.
For notification categories and conditions, see the table at the bottom.
- On the left menu, go to Configure > Notifications.
- Click New to set up a new Nebula notification.
- On the General page, enter your Notification name and Description.
- Click Next.
- On the Category page, select your notification category and click Next.
- On the Conditions page, select your Conditions. Click the add or delete button on the right side to add or remove a condition.
- Click Next once conditions are selected.
- On the Delivery page, click Enable digesting, if you want to group multiple alerts into a single notification. If enabled select your Interval and Grouped by options.
- Select Email, Call Webhook, or Slack for your notification delivery method.
- For Email or Call Webhook:
- Enter in a subject for the Subject line.
- Select available email recipients in the drop down menu, or enter in custom email recipients to receive notifications.
- For Slack if enabled:
- Select Slack channels from the drop down list. These are public channels pulled from your workspace.
- For Slack if disabled:
- Click Add to Slack.
- If you are signed in to your Slack workspace, click Allow to complete.
- If you are not signed in to your Slack workspace, follow the steps below:
- Enter your Slack workspace name.
- Click Continue.
- On the popup screen, click Sign in with SSO or I have a guest account to sign in with your Slack email and password.
- Once signed in, click Allow.
- Select Slack channels from the drop down list. These are channels pulled from your workspace.
- For Email or Call Webhook:
- Select tiles based on the desired content you want the notification to contain.
- Click Complete.
Categories and conditions
This table provides details on all available notification categories and conditions in Nebula.
Endpoint agent activity
- For Vulnerability Assessment customers, see Set up vulnerability notifications in Nebula.
- For Patch Management customers, see Set up patch notifications in Nebula.
- For DNS Filtering customers, see Set up DNS Filtering notifications in Nebula.
- For Application Block customers, see Set up Application Block notifications in Nebula.
- For Cloud Storage Scanning customers, see Set up Cloud Storage Scanning notifications in Nebula.
- For Managed Detection and Response customers, see Set up Managed Detection and Response notifications in Nebula
- For Managed Threat Hunting customers, see Set up Managed Threat Hunting notifications in Nebula
Return to the Malwarebytes Nebula Administrator Guide.