|Hi PacketFence community, We're using PacketFence 14.1 and integrating with external systems (FleetDM) to trigger `security_event`s via the REST API when policy violations are detected. We're able to successfully create events via: |

POST /api/v1/security_events

|However, we'd like to **pass some dynamic metadata** about the violation (e.g., `policy=antivirus_running status=fail source=FleetDM`) — and make it **visible to the end user** on the captive portal remediation page (and possibly in email templates). ### Questions: 1. Is there a **recommended way** to include dynamic descriptive data when creating a `security_event` via API? - For example, can `notes` or any other field be used to store a custom string? - Is that field exposed to templates (e.g. via `[% node.security_event.notes %]`)? 2. If not directly possible via the `/api/v1/nodes/{mac}/apply_security_event` or `/api/v1/security_events`, are there **template variables or workarounds** that can help pass contextual info to the user? The goal is to help users understand *why* their device was isolated — for example, by showing the policy name or scanner result in the portal page or email template. Thanks in advance for any guidance! |

------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to