# Configuring Integration Alerts

Nightfall for macOS and Nightfall for Windows OS allow you to configure alerts at the policy level and also at the integration level. 

You can navigate to the alerts page by executing the following steps:

1. Click **Integrations** in the left pane. 
2. Click **Manage** for either **Endpoint macOS or Endpoint Windows** widget.
3. Click the **Alerting** tab.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FMYocyCKtc09OogAN8bkR%2Fimage.png?alt=media&#x26;token=63f79072-c4f4-4546-94b6-f34db0a82516" alt="" width="563"><figcaption></figcaption></figure>

Alerts can be sent in macOS and windows OS policies by using the following alert channels.

* Slack
* Email
* Webhook
* Jira Tickets

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2F341FxnpnRKV0A2XxcUXu%2Fimage.png?alt=media&#x26;token=fd68cc82-8475-4941-90ab-5e80fb77bfb3" alt=""><figcaption></figcaption></figure>

When you configure alert settings at the integration level, the alert settings apply to all the policies, created for the macOS/Windows OS integration. However, when you configure alert settings specifically for a policy, which is created in the macOS/Windows OS integration, the alert settings are applicable only for that specific policy.

This document explains how to configure alerts at the integration level. To learn about how to configure alerts at the policy level, read [this document](https://help.nightfall.ai/data-exfiltration-prevention/policies/advanced_settings#admin-alerting).

### Prerequisites <a href="#prerequisites" id="prerequisites"></a>

* To use Slack as an alert platform, you must first perform the required Slack configurations. You can refer to [this document](https://help.nightfall.ai/nightfall-ai/detection/setting-up-slack-as-an-alert-channel-in-nightfall) to learn more about how to configure Slack as an Alert platform.
* To use Webhook as an alert platform, you must first perform the required Webhook configurations. You can refer to [this document](https://help.nightfall.ai/nightfall-ai/operationalizing-dlp/integrating-with-security-tools/integrating-with-siem#configuring-outgoing-webhooks)[ ](https://help.nightfall.ai/nightfall-ai/operationalizing-dlp/integrating-with-security-tools/integrating-with-siem#configuring-outgoing-webhooks)to learn more about how to configure Webhook as an Alert platform.
* To use JIRA as an alert platform, you must have the DLP for the JIRA app installed from the [Atlassian Marketplace](https://marketplace.atlassian.com/apps/1226823/dlp-for-jira-nightfall-ai?tab=overview\&hosting=cloud). You can read more about the DLP for JIRA integration [here](https://help.nightfall.ai/nightfall-ai/nightfall-for-jira/getting-started/installing-nightfall-for-jira).

### Configure Alerts at the Integration Level <a href="#configure-alerts-at-the-integration-level" id="configure-alerts-at-the-integration-level"></a>

You can configure alerts at the integration level once you have installed the Nightfall for macOS/ Nightfall for Windows OS integration.

To configure alerts at the integration level:

1. Navigate to the macOS integration
2. Scroll down to the **Alerting** section.
3. You can configure one or multiple alert channels.

#### Configuring Slack as an Alert Channel <a href="#configuring-slack-as-an-alert-channel" id="configuring-slack-as-an-alert-channel"></a>

1. To configure Slack as an alert channel, click **+ Slack channel**.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FAt6KF5DWymQd42qm5Vkn%2Fimage.png?alt=media&#x26;token=61479205-49b6-4890-ac90-2a8377572763" alt=""><figcaption></figcaption></figure>

2. In the **Slack alert channel** field, enter the name of the Slack channel in which you wish to receive the alerts.
3. Click **Save**.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FKNL0HFIWG86qRWwzRp8T%2Fimage.png?alt=media&#x26;token=b330ccfc-6516-4123-a8fc-f42e64ce685f" alt=""><figcaption></figcaption></figure>

A confirmation pop-up box is displayed to confirm if the Slack channel (entered in the second step) must be used only for macOS integration or all the Nightfall integrations.

4. Select **No, only integration level** to use the Slack channel only for macOS, or select **Yes, please** to use the selected Slack channel for all the Nightfall integrations.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2F9ydwkLx1WYbo6ZymPKRV%2Fimage.png?alt=media&#x26;token=55869370-24f2-4272-bdeb-a15994b14073" alt="" width="563"><figcaption></figcaption></figure>

#### Configuring Email as an Alert Channel <a href="#configuring-email-as-an-alert-channel" id="configuring-email-as-an-alert-channel"></a>

1. Click **+ Email**.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2F6rrEEpmkPTPWHAi7y7I0%2Fimage.png?alt=media&#x26;token=7980dd98-1140-4702-abc3-b30bd9040fe3" alt=""><figcaption></figcaption></figure>

2. Enter the Email ID of the recipient who should receive the notification&#x73;**.**
3. Click **Save.**

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FvMui3gGsnfy4jq34rD5S%2Fimage.png?alt=media&#x26;token=3eebb131-28af-45cf-a40e-4dbaa43546bc" alt=""><figcaption></figcaption></figure>

A confirmation pop-up box is displayed to confirm if the Email ID (entered in the second step) must be used only for macOS integration or all the Nightfall integrations.

4. Select **No, only integration level** to use the Slack channel only for macOS, or select **Yes, please** to use the selected email address for all the Nightfall integrations.

#### Configuring Webhook as an Alert Channel <a href="#configuring-webhook-as-an-alert-channel" id="configuring-webhook-as-an-alert-channel"></a>

1. Click **+ Webhook**.
2. Enter the Webhook URL.
3. Click **Test**. If the test result is not successful, check the Webhook URL.
4. (Optional) Click **Add Header** to add headers.
5. Click **Save**.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FQQzeARiEw9usEbittkl3%2Fimage.png?alt=media&#x26;token=253b395f-5ab8-4560-9b3e-f5523fbe978d" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
When you configure alerts to a Webhook, Nightfall AI sends occasional posts to:

* To validate that the Webhook is properly configured before the policy is saved.
* Periodically thereafter to ensure that the Webhook is still valid.

The response to the test Webhooks is `200` status code if successful.

An example of Webhook request is as follows.

```json
{
  "service": "nightfall",
  "test": true,
  "timestamp": "2024-03-07T23:18:39Z"
}
```

This is part of alert event consumption and can be ignored.
{% endhint %}

#### **Configuring JIRA as an Alert Channel** <a href="#configuring-jira-as-an-alert-channel" id="configuring-jira-as-an-alert-channel"></a>

1. Click **+ Jira Ticket.**
2. Select a JIRA project from the **Jira Project** drop-down menu.
3. Select an issue type from the **Issue Type** drop-down menu.
4. (Optional) Add comments to be added in the JIRA ticket.
5. Click **Save changes**.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FF34rcJ8HH44S3Z7WUXQX%2Fimage.png?alt=media&#x26;token=c935fa1c-555a-4021-9761-b27f4d14c579" alt=""><figcaption></figcaption></figure>

A confirmation pop-up box is displayed to confirm if the JIRA settings configured for the macOS integration must be applied to all the other Nightfall integrations too.

6. Select **No, only integration level** to use the configurations only for macOS, or select **Yes, please** to use the selected JIRA configurations for all the Nightfall integrations.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FIHvTqo2FtZ1tqYrwfTd9%2Fimage.png?alt=media&#x26;token=dce9756b-8151-4fff-87cc-6254e34b4a3e" alt="" width="563"><figcaption></figcaption></figure>

## Configure End-User Notifications <a href="#configure-end-user-notification" id="configure-end-user-notification"></a>

When a Violation occurs, Nightfall sends a notification to the end-user whose actions triggered the violation. While notifying the end-user, Nightfall also sends a text message. You can draft the text message to be sent to the end-user. This message applies to all the policies. Click **Save changes** once done.

<figure><img src="https://3764378997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZeqNSdo8J8cLJPU3Gs5M%2Fuploads%2FN4j0rSNjfQXKnFuQ9fek%2Fimage.png?alt=media&#x26;token=bf114da9-1b06-4fb7-ab12-9a8215e15b04" alt="" width="563"><figcaption></figcaption></figure>