Case ManagerConfigure Case Manager

Table of Contents

Configure Incident Email

Link Case Manager to an email account to send incident emails directly from an incident.

You can't use the same account

  • An email account from which users send and receive Case Manager-related messages (for example, casemanagement@mycompany.com). The mailbox cannot be a shared mailbox or a subfolder. You can't use the same email account you use for email ingest.

  • Credentials for the email inbox. The account credentials must have read and write access to the entire mailbox.

  • IMAP connectivity.

    Protocol

    Port Number

    IMAP

    143

    IMAP + SSL

    993

  • If you use Microsoft Exchange Online with OAuth2.0 modern authentication, ensure that you complete specific prerequisites.

  1. Ensure that emails aren't encrypted and attachments are in EML format. MSG files are not yet supported.

  2. In the navigation bar, click the menu The menu icon in the navigation bar; three white lines on a green background., select Settings, then select Core.

  3. Under INCIDENT INGESTION, select 2-Way Email.

  4. Enter information about your email account, inbound connection, and outbound connection:

    • Username – Enter the username for the mail server. This may be an email address.

    • Password – Enter the password for the mail server.

    • Email address – Enter the email address on the mail server.

    • Folder – Enter the name of the folder from which emails are ingested.

    Inbound

    • Inbound host/server – Enter the name of the inbound mail server.

    • Inbound protocol – Select the mail protocol used to receive emails.

    • Inbound port – Enter the inbound protocol port number.

    Outbound

    • Outbound host/server – Enter the name of the outbound mail server.

    • Outbound protocol – Select the mail protocol used to send emails.

    • Outbound port – Enter the outbound protocol port number.

    • Exchange protocol – Select the box if you use Microsoft Exchange Online.

  5. If you selected the Exchange Protocol box, enter additional information about your Microsoft Exchange Online account and connection:

    • Exchange host – Enter the host name of your Microsoft Exchange server.

    • SSL – Select the box if you installed a Secure Sockets Layer (SSL) certificate on your Microsoft Exchange server.

    • Exchange port – Enter the port number your Microsoft Exchange host uses.

    • Authentication type – Select the protocol used to authenticate to your Exchange host: BASIC, NTLM, or OAUTH2.0.

    • Exchange version – Select your version of Microsoft Exchange:

      • Microsoft Exchange 2007, Service Pack 1

      • Microsoft Exchange 2010

      • Microsoft Exchange 2010, Service Pack 1

      • Microsoft Exchange 2010, Service Pack 2

      • Other Exchange Version

    • Log level – Case Manager generates logs about your system activity that Customer Success uses to debug problems in your system. Select how detailed these log are: low or verbose. To conserve disk space, it's best to select low. If you have problems with your system, Customer Success may direct you to change log level to verbose.

  6. If you selected OAUTH2.0 as your Authentication type, enter additional information about the application you registered on Microsoft:

    • Client ID – Enter your Exabeam Microsoft Application (client) ID.

    • Client secret – Enter your Exabeam Microsoft Application client secret.

    • Tenant ID – Enter your Microsoft Azure AD tenant ID.

    • National cloud – If you have a national cloud deployment of Microsoft Azure, select your national cloud: China, Germany, or USGovernment. If you don't have a national cloud deployment, select Global.

  7. To validate the inbound and outbound connection to your mail server, click TEST INBOUND and TEST OUTBOUND. If you see Failed to test Service connectivity, verify that you entered the correct email account, inbound connection, and outbound connection information.

  8. Click SAVE.

  9. To enable the email route, click START.

    The email route appears in the EMAIL FEEDS list with a RUNNING status.