FortiAnalyzer Version 3.0 MR3 Administration Guide
132 05-30003-0082-20060925
Output Alerts
3 Configure the following options and select OK.
Output
When the FortiAnalyzer unit receives a log messages meeting the alert event
conditions, it sends an alert message as an email, syslog message or SNMP
Trap, informing an administrator of the issue and where it is occurring.
The FortiAnalyzer unit enables you to configure where it sends the alert message.
The FortiAnalyzer unit can send an alert message to an email address via SMTP,
a Syslog server or as an SNMP Trap.
Alert Name Enter a name indicating the type of alert the FortiAnalyzer is
monitoring for.
Device Selection Select the devices the FortiAnalyzer unit monitors for the alert
event. Select from the Available Devices list and select the
right-arrow to move the device name to the Selected Devices list.
Hold the SHIFT or CTRL keys to select multiple devices.
Trigger(s) Select the triggers that the FortiAnalyzer unit uses to indicate
when to send an alert message. Select the following:
• a log type to monitor
• the event level to monitor for within the log messages.
• the relation to the level. For example, selecting >= Warning,
the FortiAnalyzer unit will send alerts when a log message has
a level of Warning, Error, Critical, Alert and Emergency.
Generic Text Select to add a standard text response for the alert notification.
Threshold Set the threshold or log message level frequency that the
FortiAnalyzer unit monitors for before sending an alert message.
For example, set the FortiAnalyzer unit to send an alert only after
it receives five emergency messages in an hour.
Destination(s) Select where the FortiAnalyzer unit sends the alert message.
Send alert to Select an email address, SNMP trap or Syslog server from the list.
You must configure the SNMP traps or Syslog server, before you
can select them from the list.
For the FortiAnalyzer unit to send an email message, you must
configure a DNS server and mail server account. For details see
“Mail server” on page 133.
For details on configuring SNMP traps, see “SNMP access” on
page 133.
For details on configuring Syslog servers, see “Syslog Servers” on
page 134.
From Email Address When configuring the FortiAnalyzer unit to send an email address,
enter an originator email address.
To Email Address When configuring the FortiAnalyzer unit to send an email alert
message, enter the recipients of the email message.
Add Select Add to add the destination for the alert message. Add as
many recipients as required.
Delete Select a recipient from the Destination list and select Delete to
remove a recipient.
Include Alert Severity Select the alert severity value to include in the outgoing alert
message information.
To Next Page
Loading...
Need help?
General