SecurityTips

SecurityCoach Information Placeholders Overview

You can use SecurityCoach information placeholders to populate specific information in your SecurityTip notifications. These placeholders pull information from the triggered detection rule that initiates the SecurityTip. For general information about placeholders, see our How to Use Placeholders article.

Note:You can only use SecurityCoach information placeholders in SecurityTip notification templates. These placeholders are not available in training notifications.

For information about each of the SecurityCoach information placeholders, see the table below:

Placeholder Name Placeholder Drop-Down Menu Option Information Populated
[[log_type]] Log Type

This placeholder populates the vendor’s security type.

For more information, see our Vendor Security Types article.

[[vendor]] Vendor This placeholder populates the vendor’s name.
[[rule]] Detection Rule This placeholder populates the detection rule’s name.
[[category]] Rule Category

This placeholder populates the detection rule’s category.

For example, the category may be malware or online safety.

[[detection_datetime]] Detection Time This placeholder populates the date and time that the rule detection occurred.
[[detection_category]] Detection Category This placeholder populates the rule detection’s threat category.
[[detection_severity]] Detection Severity

This placeholder populates the rule detection’s threat severity.

Threat severities include low, medium, high, and critical.

[[event_file_name]] Event File Name

This placeholder populates the name of the file that triggered the detection rule.

[[domain_visited]] Domain Visited

This placeholder populates the domain that triggered the detection rule.

[[email_subject]] Email Subject

This placeholder populates the subject of the email that triggered the detection rule.

Can't find what you're looking for?

Contact Support