Step 3: Configure Notifications
Effective alerting is key to responding to security detections promptly. The Garnet Platform offers a couple of ways to set up notifications.
If you are following the guided setup, its final step allows for quick configuration of Slack notifications.
During Onboarding: The "Notifications" step in the Onboarding Guide prompts you to enable webhook notifications and provides a field to enter your Slack Incoming Webhook URL.
Simplicity: This method is designed for ease of use and sets up a common notification channel quickly.
High-Confidence Alerts: Garnet is designed to send high-confidence, high-impact alerts, ensuring that notifications you receive are actionable.
If you configured notifications during onboarding, you might not need to adjust settings further right away unless you have more specific requirements.
For more granular control over which event types trigger notifications and to configure custom webhook destinations beyond the initial Slack setup in the Onboarding Guide, use the main "Settings" page in the Garnet Platform.
Navigate to Settings:
Log in to your Garnet Platform dashboard (https://dashboard.garnet.ai).
From any page, click the "Settings" button in the main navigation menu. This will take you to the Settings page (typically https://dashboard.garnet.ai/settings).
Configure Notification Settings:
Within the Settings page, locate the "Notification Settings" section.
Here you can typically configure:
Event Types: Select which specific security event types should trigger webhook notifications (e.g., "Network Exfiltration," "Crypto Miner").
Webhook Destinations: Manage your list of webhook endpoints. You can add, edit, or remove webhooks for various external systems (e.g., generic SIEM/SOAR tools, custom alert handlers).
Adding a New Webhook Destination (Example):
Click on "Create Webhook" (or similar).
Provide a Name for the webhook (e.g., "SIEM Alerting").
Select the Kind of webhook (e.g., "Generic JSON," or specific types if offered).
Enter the URL Endpoint of your external system that will receive the alert data.
Save the webhook configuration.
Save Changes: Ensure you save any modifications made to event type selections or webhook configurations.
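A pre-flight check for the URL you are about to enter as a Slack or generic webhook destination, as an added example (not Garnet's code). The function names and sample URLs are constructed for illustration, and the private-address check assumes the webhook sender is a hosted service that cannot reach internal hosts.

```python
import ipaddress
from urllib.parse import urlsplit

SLACK_HOST = "hooks.slack.com"  # host used by Slack Incoming Webhook URLs

# Constructed sample values, not real endpoints or secrets.
SLACK_SAMPLE = "https://hooks.slack.com/services/T0000/B0000/EXAMPLE"
SIEM_SAMPLE = "https://siem.example.com/hooks/garnet"


def check_webhook_url(url, kind="generic"):
    """Return a list of problems with a webhook destination URL (empty list = OK)."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ["URL cannot be parsed"]
    host = (parts.hostname or "").lower()
    problems = []
    if parts.scheme != "https":
        problems.append("scheme is not https; alert data would travel unencrypted")
    if not host:
        problems.append("no hostname in URL")
    if parts.username or parts.password:
        problems.append("credentials embedded in URL")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # host is a DNS name (or empty), not an IP literal
    # Assumption: a hosted sender cannot deliver to internal addresses.
    if host == "localhost" or (ip and (ip.is_loopback or ip.is_private or ip.is_link_local)):
        problems.append("host is a loopback/private/link-local address")
    if kind == "slack" and (host != SLACK_HOST or not parts.path.startswith("/services/")):
        problems.append("not a Slack Incoming Webhook URL")
    return problems


def redact(url):
    """Keep scheme and host only; for Slack the path itself is the secret."""
    parts = urlsplit(url.strip())
    return f"{parts.scheme}://{parts.hostname or ''}/<redacted>"


if __name__ == "__main__":
    for kind, url in [("slack", SLACK_SAMPLE), ("generic", SIEM_SAMPLE),
                      ("generic", "http://10.0.0.5/hook")]:
        print(kind, redact(url), check_webhook_url(url, kind) or "OK")
```

Use `redact()` whenever a webhook URL ends up in tickets, chat, or logs, since anyone holding a Slack Incoming Webhook URL can post to that channel.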
Important Note on Alerts vs. Issues:
Remember that all detected security events will still appear on the "Issues" page (typically https://dashboard.garnet.ai/issues) within the Garnet Platform, regardless of your external notification settings.
Configuring external notifications (like Slack or webhooks) is therefore optional but highly recommended for timely awareness of critical events.
By using these options, you can tailor Garnet's alerting to fit your team's specific workflows and response procedures. You can start with the simple Slack setup during onboarding and later refine your alerting strategy via the Settings page as your needs evolve.
With API keys generated, agents deployed, and notifications configured, your Garnet Platform is now set up for monitoring your environments and alerting you to potential security threats, such as malicious network connections or crypto mining activities.
You can now proceed to explore the section to learn about the dashboard, viewing events, and managing your security posture.