Security Alerts

Overview

Security Alerts allow admins to configure email alerts to be sent when Dynamic Rules are triggered.

Usage within applications and APIs

Security Alerts operate at the system level. They can be defined for individual Server Groups, or for multiple Server Groups simultaneously. When any of the specified Dynamic Rules is triggered for any of the specified Server Groups, an email alert will be sent to the designated recipient(s).

Each email alert includes:

  • The Dynamic Rule that was triggered: its name, description, "Limit" (a combination of the Rule's Number of events and Time frame), and "Type" (which corresponds to the Rule's Target setting)

  • A list of the violators of that Rule

In the email alerts, a Dynamic Rule enforcing limits on IP addresses will not be described as Type: IP; rather, the email body will say Type: remote_addr.

Administration

The main window (shown above) lists all currently defined Security Alerts.

The administration (addition/deletion/editing/versioning) of these Alerts follows the conventions described here.

Parameters

Name

The name of this Security Alert, for use within the interface.

Server Groups

The Server Group(s) for which this Security Alert will be active.

Alert recipients

One or more recipients (specified as email addresses, separated by commas) to receive alerts when any of the listed Dynamic Rules are triggered.

Dynamic Rules

One or more Dynamic Rules which will, when violated, trigger the sending of email alerts to the specified recipients.

When adding Dynamic Rules to a Security Alert, ensure that each Rule is in "active mode". Rules that are inactive will not trigger Security Alerts.

PreviousUsers ManagementNextLog Exporters

Last updated

Was this helpful?