This topic provides instructions on how configure the various notification outputs. These notification outputs are required to define an ESA rule.
Global Notifications configurations define notifications settings for Event Source Management (ESM), Health and Wellness, Global Audit Logging, Event Stream Analysis (ESA), and Incident Management.
You do not need to configure the Output tab for Global Audit Logging.
Notification Output configurations define email addresses and subject lines, SNMP trap OID settings, syslog output settings, and script code.
You can define, delete, edit, import, and export notification outputs in Security Analytics. Individual topics describe the relevant procedures. For more information on ESA alert configuration, see Notification Methods. You delete, edit, import, and export notification outputs and notification servers in the same way as templates. If you attempt to delete a notification output being used by alerts, you will receive a warning confirmation message that the alerts using the notification will not function properly. The message shows the number of alerts in use.