Skip to main content

Set up Vulnerability and Patch Management notifications in OneView

Updated: 

OneView notifies you when events occur, such as when a vulnerability is found, a patch is available, or a patch is installed on endpoints. Use the Notifications settings to choose which alerts you want to receive. For more information on all notifications, see Set up notifications in OneView.

Set up notifications

  1. On the left menu click Configure Notifications.
  2. Click the Add notification icon OV_plus.png to set up a new OneView notification. 
  3. On the General page, enter your Notification name and Description.
  4. Click Next
  5. On the Category page, select Endpoint agent activity.
  6. Select Software update, Patch applied, or Patch available
  7. Then click Next
  8. On the Conditions page, select your Sites and Conditions. Click the add or delete button on the right side to add or remove a condition. See the Conditions table below for more information. 
  9. Click Next once conditions are selected.
  10. On the Delivery page, click Enable aggregation to group multiple alerts into a single notification. If enabled, select your Interval and Grouped by options. 
  11. Select Email or Call Webhook for your notification delivery method.
  12. Enter in a notification subject for the Subject line or your Webhook URL.
  13. Select available email recipients in the drop-down menu, or enter additional recipients to receive notifications.
    Note: Selected recipients will receive notifications for all sites added on the conditions page, even if the user is not assigned to the site in OneView. 
  14. Select notification tiles based on the desired content you want the email or call webhook notification to contain. See the Delivery table below for more information.
  15. Click Complete to finish setting up the notification.

Categories and conditions

This table details all notification categories and conditions for Vulnerability and Patch Management in OneView.

Category Operations Condition

Endpoint agent activity

  • Vulnerability status: Notifies you of a found vulnerability based on the chosen conditions. 
  • is equal to 
  • is not equal to 
  • contains
  • does not contain
  • starts with
  • CISA recommended
    • True, False
  • Severity
    • All, Critical, Important, Moderate, Low, Unknown
    • Severity is set using the CVSS standard. 
  • Product/Application name
  • Vendor
  • Operating system
    • All, Windows, Mac

Endpoint agent activity

  • Software update: Notifies you when a software update is available. 
  • Patch applied: Notifies you when a patch is applied to an endpoint. 
  • Patch available: Notifies you when a software patch is available to install. 

 
  • is equal to 
  • is not equal to 
  • contains
  • does not contain
  • starts with
  • Status
    • All, Completed, Failed, Reboot required
  • Application name
  • Vendor
  • Severity
    • All, Critical, Important, Moderate, Low, Unknown
  • Operating system
    • All, Windows
  • Reboot required
    • Yes, No

Delivery

Notification tiles provide endpoint system details, software information, vulnerability, and patch reports when selected. The following notification tiles are available: 

Column Description
Application name Detected application name with the vulnerability or required update.
Category Type of patch available to install on the endpoint. 
CISA recommended
  • Shows if the vulnerability is found in the CISA managed catalog of known exploited vulnerabilities. 
  • Provides a link to the CISA catalog for the vulnerability if recommended in the column. 
CVE ID
  • Shows the CVE number as reported in the National Vulnerability Database.
  • Click on the CVE number to view additional vulnerability information and recommended remediation steps. 
Description Description of the available update or patch. 
Endpoint name Host name of the vulnerable or software available endpoint. 
Identified date Date the available patch was detected on the endpoint.
KB ID Knowledge base ID of the patch.
OS platform Operating system type of the endpoint.
OS version Operating system version number of the endpoint.
Patch applied date Date the patch was applied on the endpoint.
Patch title Name of the available patch on the endpoint. 
Update applied date Date the software update was applied on the endpoint. 
Updated version Version of the applied update on the endpoint. 
Reboot required Reboot status if required on the endpoint. 
Severity

Severity level of the detected vulnerability or required patch. Severity levels are:  

  • Critical 
  • High
  • Medium 
  • Low 
  • Unknown
Vendor name Vendor name of the installed software which is vulnerable or requiring a patch update. 
Vulnerability Identified date Date the vulnerability was detected on the endpoint.

 

Return to Vulnerability and Patch Management.

Still have questions?

Support is available via chat, phone or by creating a ticket. You can also use our virtual assistant for guided assistance.

Learn more