Note: Automatic alerting, and it settings, are currently in Beta testing.
Before you set up notifications for an event source group, you should review the available notification items:
- Notification Servers: These are the servers that you want to receive notifications from the system. For more details, see the Notification Servers Overview topic in the System Configuration Guide.
- Notification Templates: These are the available templates for each type of notification. For Event Source Management, default templates are supplied for Email (SMTP), SNMP, and Syslog. You can use these templates as supplied, or customize them if necessary. For more details, see the Templates Overview topic in the Systems Configuration Guide.
- Notification Output: The outputs contain the parameters for the notification type. For example, an email notification type contains the email addresses and subject for the notification. For more details, see the Notification Outputs Overview topic in the Systems Configuration Guide.
Configure Automatic Alerting
- In the Security Analytics menu, select Administration > Event Sources.
Select the Settings tab.
The Settings tab is displayed.
- By default, automatic monitoring is turned on. To turn off automatic alerting, clear the Enable Automatic Monitoring option.
- By default, notifications for automatic alerts is turned off. To turn on automatic notifications, select the Enable Notifications From Automatic Monitoring option.
Configure the parameters, based on your usage patterns:
- Low Standard Deviations: standard deviations below which to receive alerts. Default is 2.0 (95% confidence).
- High Standard Deviations: standard deviations above which to receive alerts. Default is 2.0 (95% confidence).
Note: You can adjust the standard deviation settings in increments of 0.1 (one tenth) of a standard deviation. vvv
- Click Save to close the dialog and save your settings.