Modify threat detection email notification pages
The IBM® Verify Threat detection email notification pages can be customized according to the business requirements. Threat notification email pages are sent to the user emails when there is threat detected for specific tenant and threat detection policy is enabled.
To update the threat detection email notification pages, download the compressed theme file. Edit the pages as needed and then upload the updated theme files back to your Verify tenant. For more information, see Updating a theme.
Text changes can be made to the pages by using XML markup. The XML files also contain macros. Macros are characters between the @ symbol where the data is rendered at run time. Don't change the macros in the files.
The IBM Verify threat detection email notification pages are located in the templates\notifications\threat_detection directory within the themes compressed file.
- $PRODUCT_NAME$
This email page is sent to the tenant in which the threat detection policy is enabled along with email notification. The tenant is being alerted for any attack like multiple failed login, credentials stuffing attack. Update the threat_detection_email.xml file to modify the pages.
The macros for this page are shown in the following table.
| Macro | Value that replaces the macro |
|---|---|
| @USER_FRIENDLY_NAME@ | The user name to be notified for threat alert. |
| @THREAT_ALERT_RULE@ | This is threat detection rule name. |
| @THREAT_SUSPICIOUS_IP@ | This contains suspicious IP addresses detected during threat detection. |
| @SEVERITY@ | This is the severity of threat alert generated by threat detection. |
| @VERIFY_THREAT_DETECTION_DOC_LINK@ | This is Threat detection documentation page for reference. |
| @VERIFY_THREAT_DETECTION_REPORT_LINK@ | This is threat detection reporting page for event data details of specific tenant. |
To change the page header, footer, and style on the flow error pages, see Create common branding.