Skip to main content

Set up Application Block notifications in Nebula

Updated: 

Set up notifications to receive alerts when applications are blocked by your configured block rules. Use the Notifications settings to choose which notifications you want to receive. For more information on all notifications, see Set up notifications in Nebula.

Configure notifications

  1. On the left navigation menu, go to Configure > Notifications.
  2. Click New notification to set up a new Nebula notification. 
  3. On the General settings step, fill out the information and click Next.
    • Notification name: Title for the notification.
    • Description: A brief description of the notification.
    • Owner: The owner of the notification. This field is automatically set to the logged-in user. Notifications can be modified by any Super Admins or the notification owner. Super Admins can change the notification owner if required.
  4. On the Category step, select Endpoint agent activity > Application block and click Next.
  5. On the Conditions step, select your Conditions to filter out unwanted notifications. Click the add or delete button on the right side to add or remove a condition, then click Next. The following conditions are available for this category:
    • Endpoint
    • Group
  6. On the Delivery step, select a delivery method(s) and click Next.
    • For Email or Call Webhook:
      1. Enter a subject for the Subject line.
      2. Select available email recipients in the drop down menu, or enter custom email recipients to receive notifications.
    • For ThreatDown admin app, you must click Allow notifications in the mobile app under Settings > Notifications
    • For Slack:
      • Select Slack channels from the drop-down list. These are public channels pulled from your workspace and include private channels if configured in Slack.
    • For Microsoft Teams:
      • Select Teams conversations from the drop down list. These conversations are pulled from your workspace where the Malwarebytes Notifications app is added.
  7. On the Content step, toggle Enable aggregation, if you want to group multiple alerts into a single notification. If enabled, select an Interval and view type.
    • Summary view: Provides a brief overview of the events found with an attached CSV document containing the full details and a link to view the events directly in the console. If an admin has already acted on the alerts, the information in the console may not match the data in the CSV file.
    • Detailed view: Contains the full details of the events in the notification email itself.
  8. Select tiles based on the desired content you want the email or webhook notification to contain. 
  9. Click Complete when to finish setting up the notification.

 

Return to Application Block guide for Nebula

Still have questions?

Support is available via chat, phone or by creating a ticket. You can also use our virtual assistant for guided assistance.

Learn more