Skip to main content
Panther Knowledge Base

What is the default alert_context if I don't have an alert_context function in my Panther detection?

  1. Last updated
  2. Save as PDF

QUESTION

What is the default alert_context if I don't have an alert_context function in my Panther detection?

ANSWER

The default is null unless you intentionally set it in your rule.
The function alert_context should return a dictionary, as shown in this rule template in Panther's Github and this Okta rule.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.