This topic provides an overview of notification outputs. These notification outputs are required when defining an ESA rule. You configure notification outputs in the Administration System view (Administration > System > Notifications > Outputs tab).
Global Notifications configurations define notification settings for Event Source Management (ESM), Health and Wellness, Global Audit Logging, Event Stream Analysis (ESA), and Incident Management.
You do not need to configure notification outputs (the Outputs tab) for Global Audit Logging.
Notification outputs are the destinations used for sending notifications. For ESA, notification outputs enable you to define how you want to receive the ESA alerts. The following are the different notification outputs supported by Security Analytics:
Email notification settings define the destination email address to which you can send the alerts. You can also add a custom description in the subject of the email and define multiple destination email addresses.
SNMP notification settings enable you to define the SNMP settings to send alert notifications.
Syslog notifications enable you to define the Syslog settings used to send alert notifications.
Script notifications enable you to define the Script that executes in response to the alert.
For detailed information on the notification configurations, including parameters and descriptions, see Define Notification Server Dialogs.