Notifications

Learn how to view, search, and manage policy notifications in Endor Labs.

Notifications provide alerts about security incidents and violations of your configured policies. It gives you centralized visibility into notifications across all your integrations, helps you debug and recover from notification delivery failures. You can also track your security work queue through open and resolved states, and provides an audit trail of all notifications.

When findings match the criteria defined in your action policy, Endor Labs automatically sends notifications to the configured notification channels, such as email, Slack, Jira, webhooks, Vanta, or GitHub PR comments.

To receive notifications, you must:

  1. Set up notification integrations
  2. Configure action policy with the Send Notification action.

To view all notifications in your namespace:

  1. Sign in to Endor Labs.
  2. Select Notifications from the left sidebar.

The notifications are organized into three categories:

  • Open: Active notifications that require attention.
  • Resolved: Notifications that have been addressed.
  • All: All notifications in your namespace, regardless of their status.

You can view the following details for each notification:

  • Opened: Elapsed time since the notification was created.
  • Policy: Action policy that triggered the notification.
  • Project: The project associated with the notification.
  • Last Evaluated: The elapsed time since the policy was last evaluated.
  • Violations: The number of violations detected for the notification.
  • Namespace: The namespace where the notification is created.
  • Channels: The notification channels configured in your namespace such as Jira, Email, Slack, Vanta, Webhooks, and GitHub PR.

Notifications

You can search for notifications by the policy name or Jira issue key.

  • Policy name: Enter the policy name to find all notifications associated with that policy. For example, search for SAST to find all notifications triggered by the SAST policy.
  • Jira issue key: Enter a Jira issue ID in the format PROJECT-KEY-NUMBER to find all notifications associated with that Jira issue. For example, searching for BUG-235 shows notifications that are linked to the Jira issue BUG-235.

Use filters to refine notifications by time range, projects, notification channels, or error status. You can use the following filter options:

  • All Time: Filter notifications by creation date. You can select from the following options: Last Day, Last week, last month, last 60 days, last 90 days, All Time, or you can customize the time range.
  • Projects: Enter a project name in your namespace and select it. You can select multiple projects to view notifications from those selected projects.
  • Channels: Filter notifications by notification channels such as Slack, Jira, Email, webhooks, Vanta, and GitHub PR. The channels displayed depend on the notification integrations set up in your namespace.
  • Has Errors: Filter to show only notifications that have errors in their notification delivery. This includes errors such as failed delivery attempts, configuration issues, or unsupported scenarios.

Each notification contains detailed information about the security event or policy violation that triggered it, including metadata about the associated project, the findings that caused the notification, and any actions that were taken in response. You can also view any errors that occurred during notification delivery.

To view notification details:

  1. Select Notifications from the left sidebar.
  2. Select a notification.
  3. Select Overview to view key information about the notification such as its metadata, triggered actions, and associated findings.
    • Notification metadata: Project associated with the notification, the date and time when the notification was opened, the date and time when the policy was last evaluated, and the notification UUID.
    • Actions triggered by this notification: Lists all actions that were triggered by the notification, including issue IDs created in external systems, and links to external tickets or pull requests.
    • Findings that triggered this notification: Lists the findings that matched the action policy criteria and caused this notification to be created.
  4. Select Issues to view error messages and troubleshoot notification delivery problems.

View details of notifications

Use actions on each notification to view details, navigate to the related action policy, or dismiss notifications.

To navigate to the policy which triggered a notification:

  1. Select Notifications from the left sidebar.
  2. Click the three vertical dots on the notification whose policy you want to view.
  3. Select Go to Policy to open the action policy to view and update the policy.

You can dismiss notifications that you have reviewed or that are no longer relevant. Dismissed notifications can still be accessed in the All category.

To dismiss a notification:

  1. Select Notifications from the left sidebar.
  2. Click the three vertical dots on the notification you want to dismiss.
  3. Select Dismiss Notification.

You can also undismiss a notification. Click on the three vertical dots of the dismissed notification and select Undismiss Notification.

You must configure notification integrations to receive notifications. These integrations define where notifications are sent when action policies trigger them. Endor Labs supports integrations like email, Jira, Slack, Vanta, and other tools.