This article illustrates how to configure Xray policy to send email notifications for the detected violations.
Create an Xray policy with relevant severity selected along with that, add the email address who should receive the notifications for Xray violations.
The following screenshot shows the option to enable email notifications from Xray policy configuration.
Once the policy is saved, we need to make sure that this policy is part of an Xray watch in which need to add resources (repository/build) to be selected. If it is an existing watch, then we need to make sure that the changes needed to be applied to the existing content as shown in the screenshots below.
We will able to receive the email notifications for the Xray violations as soon as are Xray finishes scanning an artifact that is part of a repository or a build.