Comments (11)
Hello:
So I will be completely honest with you, I completely forgot how to do this :), but then I remembered:
https://github.com/Netflix/security_monkey/blob/develop/docs/userguide.md#receiving-notification-mails
You need to go into settings, and in the Accounts view, there is a notifications section on the left hand side. Keep "change emails" set to "All", and then in the account list, there is a checkbox column for "Notify". Check the box of the accounts you want to see, and then when you are done, Click on the "Save" button in the Notifications Settings section.
from security_monkey.
Thanks for the response! I'll check this out and let you know how it goes as soon as I get a chance. Again, thanks for the help!
from security_monkey.
I checked your instructions as well as my current settings and see that these email notification settings are already set. I am able to receive emails, just not specifically "change item emails". More specifically, I'm not sure how to initiate a "change item email". I know there is a specific set of circumstances required to initiate this email, I just don't what they are.
from security_monkey.
To ask the obvious question: did you have any items with configuration changes?
from security_monkey.
I think this is where my confusion lies. I'm not sure how to change a configuration of an item. Let me tell you what I've done so far and maybe that can help resolve this issue:
- I created a public Github repository.
- Security Monkey through it's scheduler creates an item for that Github repository.
- The newly created item has two issues, one stating that the repository has no protected branches and two, the github repository is public when it should be private.
- I then update the Github repository and set it to private. I also change the name of the Github repository.
- Security Monkey detects these changes and sends me a "Changes in Repository" email.
At first I thought Step 4 would be considered a configuration change to the item but I'm wrong.
Question: How can I change the item's configuration to initiate the "Change in Item" email?
from security_monkey.
Oooh you are using the GitHub plugin!
IIRC, the name of the repo is the unique name for it. So, if you change the name of the repo, then that should make a separate item entirely (I'm pretty sure this is true).
However, you should see that the "old item" is "deleted", as the next time the watcher runs (you can invoke this manually and confirm), it should note that the repository in question is no longer present and record a deletion configuration item.
from security_monkey.
After changing the name of the Github repo and running monkey find_changes -a all -m all
inside the secmonkey-worker docker image, the only email I get is the "Changes in Repository" email. And just for reference, you're right, a new item is created when the github repo name changes.
I understand that I'm asking such a weird specific question and I appreciate the help. I'll look further into the code and try to find another way to change an item configuration.
from security_monkey.
I am open to testing this on a different platform like Amazon in order to get this tested. I've attempted various approaches and just can't get this email generated using Github repositories.
from security_monkey.
Mike,
If you have any new input on this let me know. I'm going to try and test using an AWS account to hopefully trigger this email. If there is a way I can do this via console that will suffice as well. My ultimate goal is to see how the email is generated. Thanks again for your help thus far.
from security_monkey.
Unfortunately, without debugging and digging in it's hard to diagnose why the code isn't being called.
from security_monkey.
Totally fair, I'll keep plugging away at this and see what I can come up with.
from security_monkey.
Related Issues (20)
- not getting description of Unknown issue HOT 2
- Problemas al ejecutar pub get
- Error al ejecutar Pub build HOT 2
- Ubuntu- Create a Self Signed SSL Certificate
- error when running monkey db upgrade HOT 4
- Google SSO Crashes on /api/1/auth/providers HOT 1
- botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied HOT 11
- Hardcoded reference to Riot Games HOT 4
- No way to see what we are about to justify
- monkey db upgrade fails HOT 2
- ALB/ELB scans are not working HOT 4
- monkey db upgrade - issues HOT 5
- frequent null value in column "item_id" violates not-null constraint exception HOT 4
- monkey db upgrade is throwing error HOT 1
- monkey db upgrade issue is still there HOT 1
- Python 3 inconsistent list ordering causing frequent change detections
- pkg_resources.DistributionNotFound: The 'octodns' distribution was not found and is required by the application HOT 1
- Where to Submit a Security Vulnerability
- How to run SecMonkey locally HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security_monkey.