mrash / psad

psad: Intrusion Detection and Log Analysis with iptables
http://www.cipherdyne.org/psad/
GNU General Public License v2.0

can we change psad's email notification banners? #13

Open rolandjitsu opened 10 years ago

rolandjitsu commented 10 years ago

Is it possible to change PSAD's email notification banners to a more friendly Body, Subject and From fields? Sometimes the client needs a bit more in the Subject and From field to know what it is.

mrash commented 10 years ago

Hello - the subject line has a configurable prefix according to these psad.conf variables:

MAIL_ALERT_PREFIX [psad-alert];
MAIL_STATUS_PREFIX [psad-status];
MAIL_ERROR_PREFIX [psad-error];
MAIL_FATAL_PREFIX [psad-fatal];

The email body contains the psad alert content - how would you envision this should be customized? Also, psad uses the 'mail' command to send mail (as opposed to connecting to a mail server directly), so I'm not sure how customizable the 'From' field is.

rolandjitsu commented 10 years ago

I have found those settings. But that is just a part of the message. Nevertheless, I thought that there would be a file where we could edit the body of the message and the subject.

I am aware that it uses the system mail command, I took a look at the source code and I also found the email banners for all types of alerts.

I don't have a clue how the body could be configured by the user, perhaps have a file for each message and pass some arguments to it when reading it so the user can use some of the information similar to what you use inside the predefined banners. But that is just me.

Anyway, great tool, easy to configure and pretty simple. :+1: I guess this topic can be closed, as it may not be worth the trouble for such a small thing.

mrash commented 10 years ago

Glad you like psad - I'm always looking for ways to improve it. I do think it would be a nice feature to allow the psad alert body to be customized in certain ways as you suggest by using a file 'template' with variables that get substituted when alerts are generated. I'll keep this issue open until that can be implemented.
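To show how the template idea floated in this thread could behave, here is an added example written for this page (not psad's own code): it reads the MAIL_*_PREFIX variables from psad.conf-style text and fills a user-editable alert template with fields from a constructed alert. The template variable names and the alert fields are assumptions, not psad's.

```python
"""Demonstration of the alert-template idea discussed in this issue: a
psad.conf-style prefix is read from config text and a user-editable template
has its variables substituted with alert fields.  Example code written for
this page, not psad's implementation."""
import re
from string import Template

# Constructed sample of psad.conf lines in its "KEY value;" layout.
SAMPLE_CONF = """
MAIL_ALERT_PREFIX           [psad-alert];
MAIL_STATUS_PREFIX          [psad-status];
"""

# Hypothetical user-editable template; the variable names are assumptions.
SAMPLE_TEMPLATE = """Subject: $prefix Danger level $danger_level from $src_ip
Body:
Source ${src_ip} hit ${dst_ip} on ${dst_ports}; matched ${sig_count} signature(s).
"""


def parse_conf(text):
    """Return {KEY: value} for lines shaped 'KEY  value;' (other lines skipped)."""
    conf = {}
    for line in text.splitlines():
        m = re.match(r'^\s*([A-Z_]+)\s+(.*?)\s*;\s*$', line)
        if m:
            conf[m.group(1)] = m.group(2)
    return conf


def render_alert(template, conf, alert):
    """Fill the template with alert fields plus the configured prefix.
    Unknown placeholders are left intact rather than raising, so a typo in
    the template cannot break alert delivery."""
    fields = dict(alert, prefix=conf.get('MAIL_ALERT_PREFIX', '[psad-alert]'))
    return Template(template).safe_substitute(fields)


def example():
    """Render one constructed alert (documentation-range addresses)."""
    alert = {'src_ip': '192.0.2.10', 'dst_ip': '198.51.100.5',
             'dst_ports': '22,80', 'danger_level': 3, 'sig_count': 2}
    return render_alert(SAMPLE_TEMPLATE, parse_conf(SAMPLE_CONF), alert)


if __name__ == '__main__':
    print(example())
```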

rolandjitsu commented 10 years ago

Sounds fair to me @mrash :) looking forward to trying it out, if and when it'll be there

mrash commented 8 years ago

Sorry, got the issue number mixed up with that last commit.