git.stella-ops.org/offline/notifier/templates/attestation/identity-matched.slack.template.json

{
  "templateId": "identity-matched-slack",
  "tenantId": "bootstrap",
  "channelType": "Slack",
  "key": "identity-matched",
  "locale": "en-US",
  "schemaVersion": "1.0.0",
  "renderMode": "Markdown",
  "format": "Json",
  "description": "Slack notification for identity watchlist matches",
  "metadata": {
    "eventKind": "attestor.identity.matched",
    "category": "attestation"
  },
  "body": "{{ #if (eq event.severity \"critical\") }}:rotating_light:{{ else if (eq event.severity \"warning\") }}:warning:{{ else }}:information_source:{{ /if }} *Identity Watchlist Alert*\n\n*Severity:* `{{ event.severity }}`\n*Watchlist Entry:* {{ event.watchlistEntryName }}\n\n*Matched Identity:*\n{{ #if event.matchedIdentity.issuer }}> Issuer: `{{ event.matchedIdentity.issuer }}`\n{{ /if }}{{ #if event.matchedIdentity.subjectAlternativeName }}> SAN: `{{ event.matchedIdentity.subjectAlternativeName }}`\n{{ /if }}{{ #if event.matchedIdentity.keyId }}> Key ID: `{{ event.matchedIdentity.keyId }}`\n{{ /if }}\n*Rekor Entry:*\n> UUID: `{{ event.rekorEntry.uuid }}`\n> Log Index: {{ event.rekorEntry.logIndex }}\n> Artifact: `{{ event.rekorEntry.artifactSha256 }}`\n> Integrated: {{ event.rekorEntry.integratedTimeUtc }}\n\n{{ #if (gt event.suppressedCount 0) }}:mute: {{ event.suppressedCount }} duplicate alerts suppressed\n{{ /if }}---\n_Event ID: {{ event.eventId }}_"
}