base/frameworks/notice/actions/pp-alarms.zeek
Notice extension that mails out a pretty-printed version of notice_alarm.log at regular intervals, formatted for better human readability. If activated, it replaces the default summary mail, which contains the raw log output.
- Namespace: Notice
- Imports
Summary
Redefinable Options
- Address to send the pretty-printed reports to.
- Activate pretty-printed alarm summaries.
State Variables
- If an address from one of these networks is reported, we mark the entry with an additional quote symbol (i.e., “>”).
- Force generating mail file, even if reading from traces or no mail destination is defined.
Functions
- Function that renders a single alarm.
Detailed Interface
Redefinable Options
- Notice::mail_dest_pretty_printed
  Address to send the pretty-printed reports to. Default if not set is Notice::mail_dest. Note that this is overridden by the ZeekControl MailAlarmsTo option.