Reputation: 21
I have a Dependency-Track server that sends email notifications for all new vulnerabilities. I would like to send notifications only for critical vulnerabilities. In the Pebble templates, I would like to have something like this:
{% if subject.vulnerability.severity == "CRITICAL" %}
// send notifications
{% else %}
// do not send any notification
{% endif %}
Any idea?
I tried to use the template below, but it still sends empty notifications for vulnerabilities with severity High, Medium and Minor. In the else statement I should have something that invalidates the template.
{% if notification.group == "NEW_VULNERABILITY" %}
{% if subject.vulnerability.severity == "CRITICAL" %}
{{ notification.title }}
--------------------------------------------------------------------------------
Vulnerability ID: {{ subject.vulnerability.vulnId }}
Severity: {{ subject.vulnerability.severity }}
Source: {{ subject.vulnerability.source }}
Component: {{ subject.component.toString }}
Component URL: {{ baseUrl }}/component/?uuid={{ subject.component.uuid }}
Project: {{ subject.component.project.name }}
Version: {{ subject.component.project.version }}
Description: {{ subject.component.project.description }}
Project URL: {{ baseUrl }}/projects/{{ subject.component.project.uuid }}
{% if notification.subject.affectedProjects|length > 1 %}
--------------------------------------------------------------------------------
Other affected projects:
{% for affectedProject in notification.subject.affectedProjects %}
{% if not (affectedProject.uuid == subject.component.project.uuid) %}
Project:[{{affectedProject.name}} : {{ affectedProject.version }}]
Project URL:{{ baseUrl }}/project/{{ affectedProject.uuid }}
{% endif %}
{% endfor %}
{% endif %}
--------------------------------------------------------------------------------
{{ notification.content }}
--------------------------------------------------------------------------------
{{ timestamp }}
{% endif %}
{% endif %}
Upvotes: 0
Views: 502
Reputation: 1
If you haven't found your answer already, you should be able to achieve this through the policy violations.
Add a policy configuration to detect components with critical vulnerabilities.
You can then configure your notifications based on policy violations.
Upvotes: 0
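The policy this answer describes can also be created through the Dependency-Track REST API instead of the UI. The script below is an added example, not part of the original answer and not Dependency-Track's own code. It assumes the `/api/v1/policy` endpoints, the `X-Api-Key` header and an API key with the POLICY_MANAGEMENT permission; the policy name and the `DT_URL` / `DT_API_KEY` environment variables are hypothetical.

```python
"""Create a Dependency-Track policy that flags CRITICAL vulnerabilities (added example)."""
import json
import os
import urllib.request

# Assumptions, not taken from the original post: the REST paths below, the
# X-Api-Key header, and an API key that holds the POLICY_MANAGEMENT permission.
# Check them against the OpenAPI description served by your own instance.
POLICY_NAME = "Critical vulnerabilities"  # hypothetical policy name


def _put(base_url, api_key, path, body):
    """Build a JSON PUT request for the Dependency-Track API."""
    return urllib.request.Request(
        url=base_url.rstrip("/") + path,
        data=json.dumps(body).encode("utf-8"),
        method="PUT",
        headers={"X-Api-Key": api_key, "Content-Type": "application/json"},
    )


def policy_request(base_url, api_key, state="FAIL"):
    """Request that creates the policy; violations are raised with `state`."""
    if state not in ("INFO", "WARN", "FAIL"):
        raise ValueError("violation state must be INFO, WARN or FAIL")
    body = {"name": POLICY_NAME, "operator": "ANY", "violationState": state}
    return _put(base_url, api_key, "/api/v1/policy", body)


def condition_request(base_url, api_key, policy_uuid):
    """Request that adds the 'severity is CRITICAL' condition to the policy."""
    body = {"subject": "SEVERITY", "operator": "IS", "value": "CRITICAL"}
    return _put(base_url, api_key, f"/api/v1/policy/{policy_uuid}/condition", body)


def create_critical_policy(base_url, api_key):
    """Send both requests in order and return the new policy's UUID."""
    with urllib.request.urlopen(policy_request(base_url, api_key)) as resp:
        policy_uuid = json.load(resp)["uuid"]
    with urllib.request.urlopen(condition_request(base_url, api_key, policy_uuid)):
        pass  # a 2xx status means the condition was attached
    return policy_uuid


if __name__ == "__main__":
    # DT_URL and DT_API_KEY are hypothetical environment variable names.
    print(create_critical_policy(os.environ["DT_URL"], os.environ["DT_API_KEY"]))
```

Once the policy exists, the email alert is subscribed to the POLICY_VIOLATION notification group rather than NEW_VULNERABILITY, so only components matching the severity condition produce a message.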