KarmaPenny
commented
5 years ago used the email archive instead
Closed KarmaPenny closed 5 years ago
KarmaPenny
commented
5 years ago used the email archive instead
its possible for an alert to come in that was bcc'd or sent to other users but have no alert for those additional emails.
We should be able to query ELK for the message_id and locate any additional recipients. Then we can add those recipients to the alert. Along with remediation targets so all the emails get remediated.