|Hi PacketFence community, We're using PacketFence 14.1 and integrating
with external systems (FleetDM) to trigger `security_event`s via the
REST API when policy violations are detected. We're able to successfully
create events via: |
POST /api/v1/security_events
|However, we'd like to **pass some dynamic metadata** about the
violation (e.g., `policy=antivirus_running status=fail source=FleetDM`)
— and make it **visible to the end user** on the captive portal
remediation page (and possibly in email templates). ### Questions: 1. Is
there a **recommended way** to include dynamic descriptive data when
creating a `security_event` via API? - For example, can `notes` or any
other field be used to store a custom string? - Is that field exposed to
templates (e.g. via `[% node.security_event.notes %]`)? 2. If not
directly possible via the `/api/v1/nodes/{mac}/apply_security_event` or
`/api/v1/security_events`, are there **template variables or
workarounds** that can help pass contextual info to the user? The goal
is to help users understand *why* their device was isolated — for
example, by showing the policy name or scanner result in the portal page
or email template. Thanks in advance for any guidance! |
------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users