Security Center sends alert notifications to you through SMS, emails, website messages, or DingTalk chatbots. You can specify the notification method and the risk severity for which you want to receive notifications. This topic describes how to modify notification settings and add a DingTalk chatbot.

Background information

By default, the contact of your Alibaba Cloud account is the recipient for alert notifications. To add more recipients, you can log on to the Message Center, choose Common Settings > Security message > Security Notice > Add Message Recipient.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Settings.
  3. On the Settings page, click the Notifications tab.
  4. On the Notifications tab, you can specify the notification method (Notify By), time (Notify At), and the severity of security events (Severity) for Vulnerabilities, Baseline Risks, Alerts, AccessKey leakage info, Config Assessment, and Emergency Vul Intelligence.
    Note The new settings specified on this page take effect immediately.
  5. Optional:Add a DingTalk chatbot.
    If you have already installed DingTalk and created a DingTalk group, you can add a DingTalk chatbot to receive notifications from Security Center.
    Note If no DingTalk group is created, you cannot add a DingTalk chatbot. Before you can create a DingTalk group, you must install DingTalk.
    1. Find the DingTalk group to which you want to add a chatbot, and choose Group Settings > Group Assistant > Add Robot > Custom > Add in the upper right corner.
    2. Configure the chatbot.
      Note When you add the chatbot, select Custom Keywords in the Security Settings section, and enter Security Center in the Custom Keywords field. Do not select Additional Signature or IP Address.
    3. Copy the Webhook URL and click Finished.
    4. In the Security Center console, choose Settings > Notifications and click Add Chatbot in the DingTalk Chatbot Notification Settings section.
    5. On the Add DingTalk Chatbot page, set the following parameters.
      Parameter Description Configuration method
      Chatbot Name The chatbot name. We recommend that you enter an identifiable name.
      Webhook URL The webhook URL of the chatbot. Find the webhook URL of the chatbot in the corresponding DingTalk group, copy the webhook URL, and then paste it in the Webhook URL field.
      Notice Keep the webhook URL confidential and do not disclose it on external websites. If the webhook URL is leaked, security risks may arise.
      Asset Groups You can select one or more asset groups that are created on the Assets page. After you specify the asset groups, the DingTalk chatbot will send you alert notifications that are related to the assets in the asset group. Select one or more asset groups from the drop-down list.
      Notify On The types of alerts for which you want to receive notifications. Select the alert types from the drop-down list.
      Note Currently, supported alert types include vulnerabilities, baseline risks, security alerts, and AccessKey leakage.
      Notification Interval The time interval at which the DingTalk chatbot sends notifications. Supported intervals include 1 Minute, 5 Minutes, 10 Minutes, 30 Minutes, and No Limit. If you select No Limit, each alert notification is sent in real time.
      Note If you select No Limit, a webhook can send a maximum of 20 notifications in one minute.
      Select the time interval from the drop-down list.
      Language The language of the notifications. Supported languages include English and Chinese. Select a language from the drop-down list.
    6. Click Add to complete creating the DingTalk chatbot.

      By default, the status of a newly created DingTalk chatbot is Enabled.

      Note
      • After you add the DingTalk chatbot, you can click Test in the Actions column to test whether the chatbot is associated with the DingTalk group.
      • You can Edit or Delete the DingTalk chatbot. If you delete the chatbot, you can no longer receive notifications from the DingTalk group. However, you can still receive notification by other methods that you specify, such as SMS, emails, or website messages.