Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating Alert Definitions

Before You Begin

Use the Alert Definitions page to generate alerts that warn you of problems in your monitored environment. An alert definition consists of data criteria for triggering an alert. An alert is triggered when the event threshold exceeds the data criteria that is defined.

You can create an alert definition to monitor your data in real time. You can identify issues and attacks before they impact your network.

For example, if you are an administrator, you can define a condition such that if the number of firewall deny events crosses a predefined threshold in a given time frame for a specific device, you receive an email alert.

To create an alert definition:

  1. Select Monitor > Alert & Alarms > Alert Definitions.
  2. Click the + icon.
  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Click Ok.

A new alert definition with the configured alert triggering condition is created. You can view the generated alerts from the alert definition to troubleshoot the issues with your system.

Table 1: Alert Definitions Settings

Setting

Guideline

General

Alert Name

Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 63 characters.

Alert Description

Enter a description for the alerts; maximum length is 1024 characters.

Alert Type

Displays the type of alert that is system based.

Status

Select the Active check box to view only the active alerts.

Severity

Select the severity level of the alert: Info, minor, major, critical.

Devices

Select Devices

Select all devices or specific devices. By default, data is displayed for all the devices in the network.

If you choose the Selective option, select devices from the Available column and click the right arrow to move these devices to the Selected column and click OK.

Trigger

 

Data Criteria

Specifies the data criteria from the list of default and user-created filters that are saved from the Event Viewer.

To add saved filters:

  • Click the Use data criteria from filters link. The Add Saved Filters page appears.

  • Select the filters to be added.

  • Click OK.

Time Span

Specify the time period for triggering an alert.

Number of Events

Enter the event threshold (number of logs for each category). An alert triggers if the number exceeds the specified threshold.

Recipient(s)

E-mail address(es)

Specify the e‐mail addresses for the recipients of the alert notification.

Custom Message

Enter a custom string for identifying the type of alert in the alert notification e‐mail.