An incident internal activity enables you to mail or attach information from the Sentinel database to the incident associated with the workflow process. Each of these options has a prerequisite.
Vulnerability for the Initiator IP address (SIP) or the Target IP address (DIP): This requires that you run a vulnerability scanner and bring the results of the scan into Sentinel by using a Vulnerability (or “information”) Collector.
Advisor attack-related data: This requires the purchase and installation of the optional Advisor data subscription service.
Asset data This requires that you run an asset management tool such as NMAP and bring the results into Sentinel by using an Asset Collector.
To send mail messages from within the Sentinel Control Center, you must have an SMTP Integrator that is configured with connection information and with the SentinelDefaultEMailServer property set to true.
For trademark and copyright information, see Legal Notices.