How to parse email notifications

The Panorama9 system will send a notification when issues are detected or resolved. To receive notifications you need to configure the Panorama9 system through the dashboard with the types of issues you wish to be notified about and the recipient email address (click here to read more).

Email notifications are sent to the recipient's inbox and includes detailed information about the detected or resolved issue and useful links to the Panorama9 dashboard. The notification contains an HTML and text part and depending on your email client either may be shown.

Parsing a Panorama9 notification is easy since it contains email headers with all the information also found in the body of the message. This means that you don't have to figure out how to handle encoding or traverse multi-part messages. Essential if you wish to further process the notifications or integrate the detected issue with e.g. CMS (Case Management Systems).

 

Notification sender and subject

Notifications are sent with the sender "noreply@panorama9.com" and subject:

[P9] device – area > category > issue type (id: number) – issue detected/resolved.

Example of subject: [P9] server01 - availability > servers > unreachable (id: 17-2612) - issue detected

 

  • server01: is the name of the device, but if the notification is regarding an issue that isn't directly related to a device this part is empty, e.g. issues detected when checking your SMTP service,
  • availability: is the Area the issue is related to. It may be any of Vulnerability, Availability or Compliance,
  • servers: is the Category the issue is related to. It may be any of the Categories each Area covers.
  • unreachable: is the Issue type. It may be any of the checks each Category covers.
  • (id: integer-integer) unique ID that identifies the issue,
  • issue detected/resolved: status of the issue.

Consider adding the Panorama9 notification sender "noreply@panorama9.com" to your antispam solution as a trusted email address.

 

Parsing and understanding additional Panorama9 email headers

Any information found in the body of the Panorama9 notification is also added as a series of "X-P9-" email headers. The content of the headers will only contain US ACSII text and any extended characters will be replaced with underscore (_). Here are the email headers included in the Panorama9 notification:

 

X-P9-Device-Name: server01

X-P9-Device-Type: server

X-P9-Device-Ip: 172.16.132.110

If the detected issue is related to a device these headers lists the computer, type of OS and it's IPv4 address.

 

X-P9-Area: availability

X-P9-Category: servers

X-P9-Issue-Type: unreachable

X-P9-Issue-Id: 17-2612

Information about Area, Category, Issue type and Issue Id.

 

X-P9-Status: 0

X-P9-Issue-Text: issue detected

If the notification is regarding a new issue the status will be zero (0) and one (1) once a resolved notification is sent. The issue text will always be "issue detected" or "issue resolved".

 

X-P9-Message: Monitored device is currently unreachable

Additional Information about detected or resolved issue.

 

X-P9-Company-Name: MyDomain Inc.

Name of the company.

 

X-P9-Device-Domain: addomain.local

If the issue is regarding a server or a computer this header will show the domain it belongs to.

 

X-P9-Device-Url: https://dashboard.panorama9.com/portal#...

X-P9-Issue-Url: https://dashboard.panorama9.com/portal/#...

Links to the Panorama9 dashboard with more information about the issue.

 

HTML version of the notification

Most modern email clients will by default show the HTML part of emails. Panorama9 notifications contains both a HTML and a Text part, where the HTML part is styled to look and work as the Panorama9 dashboard.

 notification.png

The computer/hostname of the device that encountered an issue will be clearly visible together with its IPv4 address. Together with the issue description it should allow you to quickly take any needed steps to correct the issue.

The URLs links to the Panorama9 dashboard and you can use them to get more information about the device, devices with similar issues or all issues in the same Area. Login credentials are required to access the URL links, so any notification may be forwarded or otherwise disclosed to people you wish to inform about detected issues, but not give access to the Panorama9 dashboard.

 

Text version of the notification

If your email client doesn't support HTML emails you will still be able to get detailed information about detected issues. Email clients without HTML support will default to display the Text part of a message and the Panorama9 notification contains a UTF-8 encoded text part.

 notifications_text.png

If parsing the emails headers isn't a solution you can use, then it's suggested that you try the text part of the message. Most email clients also offer robust filtering based on the content of the message body where the text part gives you easy to use strings of text that describes the issue.

Last updated:

Comments