How to Generate a change item email about security_monkey HOT 11 OPEN

Hello:

So I will be completely honest with you, I completely forgot how to do this :), but then I remembered:
https://github.com/Netflix/security_monkey/blob/develop/docs/userguide.md#receiving-notification-mails

You need to go into settings, and in the Accounts view, there is a notifications section on the left hand side. Keep "change emails" set to "All", and then in the account list, there is a checkbox column for "Notify". Check the box of the accounts you want to see, and then when you are done, Click on the "Save" button in the Notifications Settings section.

from security_monkey.

@mikegrima,

Thanks for the response! I'll check this out and let you know how it goes as soon as I get a chance. Again, thanks for the help!

from security_monkey.

@mikegrima,

I checked your instructions as well as my current settings and see that these email notification settings are already set. I am able to receive emails, just not specifically "change item emails". More specifically, I'm not sure how to initiate a "change item email". I know there is a specific set of circumstances required to initiate this email, I just don't what they are.

from security_monkey.

To ask the obvious question: did you have any items with configuration changes?

from security_monkey.

I think this is where my confusion lies. I'm not sure how to change a configuration of an item. Let me tell you what I've done so far and maybe that can help resolve this issue:

1. I created a public Github repository.
2. Security Monkey through it's scheduler creates an item for that Github repository.
3. The newly created item has two issues, one stating that the repository has no protected branches and two, the github repository is public when it should be private.
4. I then update the Github repository and set it to private. I also change the name of the Github repository.
5. Security Monkey detects these changes and sends me a "Changes in Repository" email.

At first I thought Step 4 would be considered a configuration change to the item but I'm wrong.

Question: How can I change the item's configuration to initiate the "Change in Item" email?

from security_monkey.

Oooh you are using the GitHub plugin!

IIRC, the name of the repo is the unique name for it. So, if you change the name of the repo, then that should make a separate item entirely (I'm pretty sure this is true).

However, you should see that the "old item" is "deleted", as the next time the watcher runs (you can invoke this manually and confirm), it should note that the repository in question is no longer present and record a deletion configuration item.

from security_monkey.

After changing the name of the Github repo and running monkey find_changes -a all -m all inside the secmonkey-worker docker image, the only email I get is the "Changes in Repository" email. And just for reference, you're right, a new item is created when the github repo name changes.

I understand that I'm asking such a weird specific question and I appreciate the help. I'll look further into the code and try to find another way to change an item configuration.

from security_monkey.

I am open to testing this on a different platform like Amazon in order to get this tested. I've attempted various approaches and just can't get this email generated using Github repositories.

from security_monkey.

Mike,

If you have any new input on this let me know. I'm going to try and test using an AWS account to hopefully trigger this email. If there is a way I can do this via console that will suffice as well. My ultimate goal is to see how the email is generated. Thanks again for your help thus far.

from security_monkey.

Unfortunately, without debugging and digging in it's hard to diagnose why the code isn't being called.

from security_monkey.

Totally fair, I'll keep plugging away at this and see what I can come up with.

from security_monkey.