I see that when some notice gets emailed (like SQL) it can contain extra data that is not in the notice.log. How does this get created? Is there a way to log it so I can send it to my SIEM?
what is sent via email can be extended using email_body_sections (see
you can see how it is used to add additional information.