0

How To: Create Notification when Processing is Disabled / Enabled

Info:

This article describes how to create a notification template and notification rules to inform end users and system administrators when Processing is enabled or disabled when using WebAdmin and retired when using Aperture.

Applies To:

All Versions of Director 6.1.2 and above, TrustAuthority / TrustForce 14 for WebAdmin

All Versions of Director 10 and above, TrustAuthority / TrustForce 14 for Aperture

Instructions:

  1. In order to create the HTML version of the notification, you will need to Remote Desktop into the Director Server and Launch the Venafi Windows Administration Console from the Start Menu.

  2. Open the Venafi Windows Administration Console, if you haven't already, and login as a user that has Create/Write access to the Logging tree.  This is typically a Master Administrator account.

  3. Select the "Logging Tree" from the tree selector.
    Screen_Shot_2015-01-05_at_22.07.18.png

  4. Right click on "Channels" and choose Add => Channels => SMTP
    Screen_Shot_2015-01-05_at_22.08.02.png

  5. Name the new Channel anything that suites your naming structure.  Here we will call ours "Processing Disabled / Enabled".  Click "Create"
    Screen_Shot_2015-01-05_at_22.15.04.png


  6. Click on our new SMTP Channel object called "Processing Disabled / Enabled" from the Tree view on the left.
    Screen_Shot_2015-01-05_at_22.15.39.png
  7. Under the SMTP Channel Settings, Host, Credentials, Sender, and TLS should be completed automatically.  If not, look at another SMTP Channel for what these values should be.

    Host: this is the FQDN or IP address of your email server
    Credentials: These are the credentials for Director to authenticate to your email server. (May not be required, some enterprises use anonymous whitelisting by IP address.  See your Email Administration Team for details).
    Sender: This is the email address that will appear in the "From:" line of emails generated by this email template.  Some email servers require the Sender Email be the one that is tied to the credentials used to authenticate to the email server.  See Email Administration Team for details.
    TLS: This tells Director whether to use SSL/TLS to authenticate/communicate with the email server.

  8. Use the table below to complete the remaining fields on the SMTP Channel Settings

    Recipient(s):

    $ContactEmail[$Event.Component$]$

    (Note: this will return who ever the Contact is for the Certificate/Application)

     CC:  $AdminEMail$

    (Note: this Macro will return the email address of the local account named "Admin".  If this account does not exist, please enter a comma separated list of email addresses of Venafi Director administrators)
    Subject:  Processing for the certificate $CN[$Event.Component$]$ is $If[$Config[$Event.Component$,Disabled]$, 0, enabled, is disabled. ACTION REQUIRED]$.
     Log Delivery:  Checked

    (Note: This is recommended to be checked. This will place an event in the logs for every successful and failed delivery this email template attempts)
    Screen_Shot_2015-01-05_at_22.18.01.png

  9. Click on the "Plaintext Message" tab and paste the following text into the Plaintext Message textbox.
    Processing for the certificate $CN[$Event.Component$]$ is $If[$Config[$Event.Component$,Disabled]$, 0, enabled, is disabled. ACTION REQUIRED]$.

    Processing for the certificate $CN[$Event.Component$]$ is $If[$Config[$Event.Component$,Disabled]$, 0, enabled, is disabled. ACTION REQUIRED]$.

    You are receiving this email because processing for this certificate has been $If[$Config[$Event.Component$,Disabled]$, 0, enabled, disabled]$.

    Check the certificate using the below link:
    https://$Hostname$/vedadmin/Default.aspx?tsel=Policy&tfil=&tdn=$Event.Component$&tclik=false&topt=query%3D%26qcomp%3Dname%26qmatch%3Dstartswith%26loadChildren%3Dtrue%26loadRelatedObjects%3Dtrue%26expandsearch%3Dfalse%26filter%3DAll%26aliases%3Dfalse%26&dsel=Config%3AX509%20Certificate&ddn=$Event.Component$&catid=Certificate&dtab=Venafi.Admin.Plugin.Web.CertificateView&dico=certificate.png

    If this is intended, please ignore this email.
    Screen_Shot_2015-01-05_at_22.20.15.png

  10. Click on the "HTML Message" tab and click on the "Show Markup" button.
    Screen_Shot_2015-01-05_at_22.20.59.png

  11. Replace the existing HTML code with the code below:

    <BODY scroll=auto><TABLE cellSpacing=0 width="100%" border=0>
    <TBODY>
    <TR>
    <TD><!-- table layer 1 -->
    <TABLE align=center>
    <TBODY>
    <TR>
    <TD style="PADDING-BOTTOM: 0px; PADDING-TOP: 30px; PADDING-LEFT: 15px; PADDING-RIGHT: 15px; BACKGROUND-COLOR: #ededed"><!-- table layer 2 -->
    <TABLE style="FONT-SIZE: 16px; FONT-FAMILY: Helvetica,Arial,sans-serif; COLOR: #000000" cellSpacing=0 cellPadding=0 width=650 border=0>
    <TBODY>
    <TR>
    <TD style="FONT-SIZE: 18px; FONT-WEIGHT: bold; COLOR: white; PADDING-BOTTOM: 22px; PADDING-TOP: 25px; PADDING-LEFT: 40px; PADDING-RIGHT: 40px; BACKGROUND-COLOR: orange; text-shadow: 1px 1px 1px #e1912c" bgColor=orange>Processing for the certificate $CN[$Event.Component$]$ is $If[$Config[$Event.Component$,Disabled]$, 0, enabled, disabled. <STRONG>ACTION REQUIRED</STRONG>]$.</TD></TR>
    <TR>
    <TD style="FONT-SIZE: 18px; PADDING-BOTTOM: 50px; PADDING-TOP: 30px; PADDING-LEFT: 40px; PADDING-RIGHT: 40px; BACKGROUND-COLOR: #fff" bgColor=#fff>
    <P><FONT size=2>Processing for the certificate $CN[$Event.Component$]$ is $If[$Config[$Event.Component$,Disabled]$, 0, enabled, disabled. <STRONG>ACTION REQUIRED</STRONG>]$.</P></FONT>
    <P></P>
    <P><FONT size=2></P>You are receiving this email because processing for this certificate has been $If[$Config[$Event.Component$,Disabled]$, 0, enabled, disabled]$.</FONT>
    <P></P>
    <P><FONT size=2>Check the certificate using the below link:</FONT></P>
    <P><FONT size=2>
    <UL>
    <LI><A href="https://$Hostname$/vedadmin/Default.aspx?tsel=Policy&tfil=&tdn=$Event.Component$&tclik=false&topt=query%3D%26qcomp%3Dname%26qmatch%3Dstartswith%26loadChildren%3Dtrue%26loadRelatedObjects%3Dtrue%26expandsearch%3Dfalse%26filter%3DAll%26aliases%3Dfalse%26&dsel=Config%3AX509%20Certificate&ddn=$Event.Component$&catid=Certificate&dtab=Venafi.Admin.Plugin.Web.CertificateView&dico=certificate.png">Open Certificate in WebAdmin</A></LI></UL></FONT>
    <P></P>
    <P><FONT size=2>If this is intended, please ignore this email.</FONT></P>
    </TD>
    <TR>
    <TD style="FONT-SIZE: 11px; COLOR: #999; PADDING-BOTTOM: 40px; PADDING-TOP: 25px; PADDING-LEFT: 40px; PADDING-RIGHT: 40px" bgColor=#ededed>This email is being sent to you by Venafi Encryption Director because you are named as a contact on this notification.</TD></TR></TBODY></TABLE><!-- /table layer 2 --></TD></TR></TBODY></TABLE><!-- /table layer 1 --></TD></TR></TBODY></TABLE></BODY>
  12. Screen_Shot_2015-01-05_at_22.21.44.png

  13. Click on the "Apply" button to save all of your changes
    Screen_Shot_2015-01-05_at_22.22.51.png

  14. Your notification template is now done. Now is time to create the Notification Rules to trigger it.
  15. Right click on "Notification Rules" and choose Add => Rules => Notification
    Screen_Shot_2015-01-05_at_22.23.34.png

  16. Name the new Notification Rule anything that suites your naming structure.  Here we will call ours "WebAdmin Disable / Enable Processing".  Click "Create"
    Screen_Shot_2015-01-05_at_22.24.21.png

  17. Click on our new Notification Rule object called "WebAdmin Disable / Enable Processing" from the Tree view on the left.
    Screen_Shot_2015-01-05_at_22.24.55.png
  18. Use the Table below to complete the Rules section of the notification rule:

    If Event ID matches Admin UI - Configuration Changed
    And Text 2 matches Disabled
    Screen_Shot_2015-01-05_at_22.27.35.png
    NOTE: Text 2 is case sensitive

  19. Under Target Channels click the "Add" button and select the SMTP Channel we created in Step 6.

    Screen_Shot_2015-01-05_at_22.29.34.png

  20. Click the "Apply" button to save the changes that have been made to the Notification Rule. Now create a notification rule for Aperture.
  21. Right click on "Notification Rules" and choose Add => Rules => Notification
  22. Name the new Notification Rule anything that suites your naming structure.  Here we will call ours "Aperture Disable / Enable Processing".  Click "Create"
    Screen_Shot_2015-01-05_at_22.28.23.png
  23. Click on our new Notification Rule object called "Aperture Disable / Enable Processing" from the Tree view on the left.
    Screen_Shot_2015-01-05_at_22.28.37.png
  24. Use the Table below to complete the Rules section of the notification rule:

    If Event ID matches Aperture - Configuration Changed
    And Text 2 matches Disabled
    Screen_Shot_2015-01-05_at_22.29.25.png
    NOTE: Text 2 is case sensitive

  25. Under Target Channels click the "Add" button and select the SMTP Channel we created in Step 6.

    Screen_Shot_2015-01-05_at_22.29.34.png

  26. Click the "Apply" button to save the changes that have been made to the Notification Rule.

The notification template and rule are now configured. 

Sample Notification For Disabled Certificates

Screen_Shot_2015-01-05_at_23.05.00.png

Sample Notification For Enabled Certificates

Screen_Shot_2015-01-05_at_23.04.14.png

0 comments

Post is closed for comments.