Skip to main content

Receive email notifications

You can choose to receive notifications from Semgrep regarding new findings through email.

Perform these steps in Semgrep AppSec Platform to create an email integration and receive notifications:

  1. Create an email integration:
    1. On the navigation menu, click Settings > Integrations > Add Integration.
    2. Click on Email.
    3. Enter a Name for the integration.
    4. Enter the Email address to receive Semgrep findings.
    5. Click Save.
  2. Turn notifications on:
    1. Click Rules > Policies > Rule Modes.
    2. Click the Edit button of the Rule Mode for which you want to receive email notifications. For example, if you want to be notified of all blocking findings through email, click the Edit button of the Block mode.
    3. Repeat the previous step for all Rule Modes that you want to receive notifications for.

Screenshot of Semgrep AppSec Platform email with findings Figure Sample of an email sent from Semgrep with findings.

Notification and alert de-duplication

Notifications are sent only the first time a given finding is detected.

When running a diff-aware scan, Semgrep doesn't notify you when a pull request has a finding that existed on the base branch already, even if that line is moved or re-indented.

Semgrep also tracks notifications that have already been sent, so subsequent scans of the same changes in a pull request won't result in duplicate notifications.

note

See Findings in CI for more information about how Semgrep tracks a finding through its lifetime.

Number of emails

While emails are triggered only when Semgrep identifies a new finding, the emails you receive also include a summary of all findings.

Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.