Solved: How to send a Security Alert from Smart-1

TSOL · ‎2024-12-10

Hello ALL

I understand from reading SK25941 and other resources that email alerts can be sent using methods like SmartEvent or SmartDashboard.

However, is it possible to send alerts detected by Threat Prevention on Smart-1 to chat tools like Microsoft Teams?

Thank You in Advance

Chris_Atkinson · ‎2024-12-10

Explore Infinity Playblocks for this type of requirement.

https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Playblocks-Admin-Guide/Conten...

CCSM R77/R80/ELITE

View solution in original post

G_W_Albrecht · ‎2024-12-10

No, this uses sendmail.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Chris_Atkinson · ‎2024-12-10

Explore Infinity Playblocks for this type of requirement.

https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Playblocks-Admin-Guide/Conten...

CCSM R77/R80/ELITE

PhoneBoy · ‎2024-12-10

In the Threat Prevention policy, you can set the Track field to something other than Log (e.g. Alert).
Those log types can execute a script, which must exist on the management.
You specify the full path to the script in Global Properties:

For an example script, see: https://community.checkpoint.com/t5/Management/SmartEvent-External-Script-for-Mail/m-p/78994
It references SmartEvent here, but the script format is the same.

Or, as @Chris_Atkinson said, look at Infinity Playblocks.

Tomer_Noy · ‎2024-12-11

Indeed, Playblocks has Teams and Slack integration.

Very soon, we'll add customization for playbooks that will allow you to further customize on which specific events you want to alert.

Are you a member of CheckMates?

How to send a Security Alert from Smart-1