This window lets you override the default content contained in a notification action message. For example, if you are creating an email notification action, you can customize the information contained in the email subject line and body. If you are creating a syslog or trap notification action, you can specify certain information you want contained in the syslog or trap message.
The default content that appears in the window (as shown below) is defined in the NAC ManagerNotification Engine options (Tools > Options). Any overrides you define here only affects the specific notification action that you are editing.
The message content is configured as a template, with the content passed directly as typed, except for the variable information which is specified by $keyword. The variable information ($keyword) is replaced with information from the notification when the notification action is executed. See below for a list of available keywords, along with their definitions.
The Custom Arguments field is used to specify the arguments passed to a program. Each argument is delimited by spaces. An argument can be a literal, passed to the program exactly as typed, or a variable, specified as $keyword. A group of literals and variables can be combined into a single argument by using double quotes. The value "all" is a special value that tells Extreme Management Center to pass all variable values to the program as individual arguments.
To access this window, select the Override Content checkbox in the Edit Notification Action window and click the Edit Content button.
Keyword Definitions
There are certain "keywords" that you can use in your email, syslog, and trap messages to provide specific information. These $keywords are replaced with information from the notification when the notification action is executed.
Following is a list of available keywords for NAC Manager notifications, along with the value the returned keyword. The keywords are organized according to the notification type they pertain to (End-System, Registration, Health Result, User Group, or End-System Group), and can only be used when that specific type of notification action is being edited. The Default keywords can be used with any notification type.
| Keyword | Returned Value |
|---|---|
| Default Keywords | |
| $type | The notification type. |
| $trigger | The notification trigger. |
| $conditions | A list of the conditions specified in the notification action. |
| $server | The Extreme Management Center server IP address. |
| End-System Keywords | |
| $macAddress | The end-system's current MAC address. |
| $oldmacAddress | The end-system's previous MAC address. |
| $ipAddress | The end-system's current IP address. |
| $oldipAddress | The end-system's previous IP address. |
| $username | The current username used to authenticate the end-system. |
| $oldusername | The previous username used to authenticate the end-system. |
| $hostname | The end-system's hostname. |
| $oldhostName | The end-system's previous hostname. |
| $operatingSystemName | The full operating system running on the end-system. |
| $oldoperatingSystemName | The previous full operating system the end-system was running. |
| $ESType | The end-system's current operating system family (for example, Windows, Mac, or Linux). |
| $oldESType | The end-system's previous operating system family (for example, Windows, Mac, or Linux). |
| $state | The end-system's current state: ACCEPT, REJECT, SCAN, QUARANTINE, DISCONNECTED, or ERROR. |
| $oldstate | The end-system's previous state: ACCEPT, REJECT, SCAN, QUARANTINE, DISCONNECTED, or ERROR. |
| $stateDescr | A description of the end-system's current state. |
| $oldstateDescr | A description of the end-system's previous state. |
| $extendedState | An extended description of the end-system's current state. |
| $oldextendedState | An extended description of the end-system's previous state. |
| $switchIP | The IP address of the switch the end-system is currently connected to. |
| $oldswitchIP | The IP address of the switch the end-system was previously connected to. |
| $switchLocation | The physical location of the switch the end-system is currently connected to (for example, the building/floor location). |
| $oldswitchLocation | The physical location of the switch the end-system was previously connected to (for example, the building/floor location). |
| $switchPort | The ifIndex of the switch port the end-system is currently connected to. |
| $oldswitchPort | The ifIndex of the switch port the end-system was previously connected to. |
| $switchPortId | The name of the switch port the end-system is currently connected to (for example, ge.1.1). |
| $oldswitchPortId | The name of the switch port the end-system was previously connected (for example, ge.1.1). |
| $authType | The latest authentication method used by the end-system to connect to the network. |
| $oldauthType | The previous authentication method used by the end-system to connect to the network. |
| $allAuthTypes | A comma-separated list of authentication types currently used for this end-system in its current location. The list is only provided if there is more than one authentication type. |
| $oldallauthTypes | A comma-separated list of authentication types previously used for this end-system in its current location. The list is only provided if there is more than one authentication type. |
| $nacProfileName | The NAC profile currently assigned to the end-system. |
| $oldnacProfileName | The NAC profile previously assigned to the end-system. |
| $reason | The reasons why the end-system is assigned its current NAC profile or is in a particular state. |
| $oldreason | The reasons why the end-system was assigned its previous NAC profile or is in a particular state. |
| $policy | The access policy currently assigned to the end-system, if on a policy-based switch. |
| $oldpolicy | The access policy previously assigned to the end-system, if on a policy-based switch. |
| $firstSeentime | The first time the end-system was seen by the Extreme Access Control (Access Control) engine. |
| $lastSeenTime | The last time the end-system was seen by the Access Controlengine. |
| $oldlastSeenTime | The previous last time the end-system was seen by the Access Control engine. |
| $nacApplianceIp | The IP address of the Access Control engine on which the end-system authenticated. |
| $oldnacApplianceIp | The IP address of the previous Access Control engine on which the end-system authenticated. |
| $nacapplianceGroupName | The engine group for the Access Control engine where the end-system was last heard. |
| $oldnacApplianceGroupName | The previous engine group for the Access Control engine where the end-system was last heard. |
| $lastScanTime | The last time a scan was performed on the end-system. |
| $lastScanResultState | The resulting state of the last scan: ACCEPT, QUARANTINE, or empty. |
| $ssid | The Service Set Identifier (SSID) of the wireless network the end-system is connected to. |
| $oldssid | The Service Set Identifier (SSID) of the wireless network the end-system was previously connected to. |
| $wirelessAp | The name of the Wireless Access Point (AP) to which the end-system is connected. If the AP's name is unavailable, then the AP's MAC address is reported. If the MAC address is unavailable, then the AP's serial number is reported. |
| $oldwirelessAp | The name of the Wireless Access Point (AP) to which the end-system was previously connected. If the AP's name is unavailable, then the AP's MAC address is reported. If the MAC address is unavailable, then the AP's serial number is reported. |
| $ifAlias | The ifAlias of the switch port to which the end-system is currently connected. |
| $oldifAlias | The ifAlias of the switch port to which the end-system was previously connected. |
| $ifDescription | The ifDescription of the switch port to which the end-system is currently connected. |
| $oldifDescription | The ifDescription of the switch port to which the end-system was previously connected. |
| $ifName | The ifName of the switch port to which the end-system is currently connected. |
| $oldifName | The ifName of the switch port to which the end-system was previously connected. |
| $custom1 | The text from the Custom 1 end-system information column. |
| $custom2 | The text from the Custom 2 end-system information column. |
| $custom3 | The text from the Custom 3 end-system information column. |
| $custom4 | The text from the Custom 4 end-system information column. |
| $regName | The registered username supplied by the end user during the registration process. |
| $regEmail | The email address supplied by the end user during the registration process. |
| $regPhone | The phone number supplied by the end user during the registration process. |
| $regData1 | The text from the Custom 1 registration field supplied by the end user during the registration process. |
| $regData2 | The text from the Custom 2 registration field supplied by the end user during the registration process. |
| $regData3 | The text from the Custom 3 registration field supplied by the end user during the registration process. |
| $regData4 | The text from the Custom 4 registration field supplied by the end user during the registration process. |
| $regData5 | The text from the Custom 5 registration field supplied by the end user during the registration process. |
| $regDeviceDescr | The device description supplied by the end user during the registration process. |
| $regSponsor | The registered device's sponsor. |
| $memberOfGroups | The current list of MAC end-system groups listed in the Groups end-system information column. |
| $oldmemberOfGroups | The previous list of MAC end-system groups listed in the Groups end-system information column. |
| $groupDescr1 | The entry description that was entered when the end-system was added to a MAC-based end-system group. |
| $groupDescr2 | The entry description that was entered when the end-system was added to a MAC-based end-system group. |
| $groupDescr3 | The entry description that was entered when the end-system was added to a MAC-based end-system group. |
| Registration Keywords | |
| $category | The type of action that was performed, for example: Registered Device Added, Registered Device Updated, Registered User Added; Registered Device Removed, Registered User Removed. |
| $time | The time the end-system registered to the network. |
| $source | The MAC address of the registered device or the name of the registered user. |
| $message | A message describing the action that was performed (for example, Added Registered Device for User: <username> - MacAddress: <MAC address>). |
| Health Result Keywords | |
| $macAddress | The end-system's MAC address. |
| $ipAddress | The end-system's IP address. |
| $startScanDate | The date and time the scan started. |
| $endScanDate | The date and time the scan ended. |
| $hostUnreachable | Whether the host was unreachable before or after the scan was run: true or false. |
| $testSets | A list of test sets that were run during assessment. |
| $totalScore | The total sum of the scores for all the health details for the health result. |
| $topScore | The highest score received for a health detail in the health result. |
| $riskLevel | The risk level assigned to the end-system based on the health result. |
| $riskLevelReason | The reason the health result was placed into the specified risk level. |
| $assessmentSummary | A list of all the test cases that were run against the device during assessment. |
| $statusDetail | A list of the vulnerabilities that were found during assessment. |
| $assessmentServerIpAddress | The IP address of the assessment server that performed the scan. |
| $assessmentServerName | The name of the assessment server that performed the scan. |
| User Group Keywords | |
| $name | The name of the user group. |
| $createdBy | The name of the user that created the user group. |
| $creationTime | The time and date the user group was created. |
| $description | A description of the user group (if one was defined when the group was created). |
| $added | A comma-separated list of user entries that were added to the group during the change. |
| $removed | A comma-separated list of user entries that were removed from the group during the change. |
| $lastModifiedTime | The last time the user group was modified. |
| $oldlastModifiedTime | The previous last time the user group was modified. |
| $lastModifiedBy | The name of the user who most recently edited the user group. |
| $oldlastModifiedBy | The name of the user who had previously edited the user group. |
| $revisionCounter | The current revision count (the number of changes that have been made) for the user group. |
| $oldrevisionCounter | The previous revision count (the number of changes that have been made) for the user group. |
| $listtype | One of the following types: Username, LDAP User Group, RADIUS User Group. |
| End-System Group Keywords | |
| $name | The name of the end-system group. |
| $createdBy | The name of the user that created the end-system group. |
| $creationTime | The time and date the end-system group was created. |
| $description | A description of the end-system group (if one was defined when the group was created). |
| $added | A comma-separated list of end-system entries that were added to the group during the change. |
| $removed | A comma-separated list of end-system entries that were removed from the group during the change. |
| $lastModifiedTime | The last time the end-system group was modified. |
| $oldlastModifiedTime | The previous last time the end-system group was modified. |
| $lastModifiedBy | The name of the user who most recently edited the end-system group. |
| $oldlastModifiedBy | The name of the user who had previously edited the end-system group. |
| $revisionCounter | The current revision count (the number of changes that have been made) for the end-system group. |
| $oldrevisionCounter | The previous revision count (the number of changes that have been made) for the end-system group. |
| $listtype | One of the following types: MAC, IP, Hostname. |
For information on related windows:
