Enabling Compliance Suite Alerts

By default, the compliance suite alerts have pre-configured information to help you get started. In some instances, you can simply enable the alert because the default settings are aimed at capturing a broad range of alerts.

To enable alerts, you must set one of the devices to monitor, the SNMP trap receivers, as well as who receives an alert notification and how they receive it.

Procedure

  1. From the navigation menu, select Alerts > Manage Alert Rules.
  2. Click the Name of the alert.
  3. On the General tab, for Enable select the Yes radio button.

    The following figure shows the General tab for the COBIT: CheckPoint Policy Changed alert.

    CheckPoint Policy Change Alert
  4. Select one of the devices to be alerted on by completing the following steps:

    You can define alerts for all devices, a selection of devices, or a single device.

    1. Select the Devices tab.
    2. In the Available Devices text block, select the appropriate log sources (that is devices) you want to monitor and be alerted on when an alert rule is triggered.
      Note: If the Show Only Device Groups setting is enabled on the Appliance, then the Available Devices text block lists only device groups. To enable or disable this feature, go to Administration > System Settings > General tab, scroll down to the System Performance Settings section and modify the Optimize Device Selection List option.
    3. Click Add All or Add Selected Device(s).

      The following figure shows the Devices tab for the selected alert.

      Available and Selected Devices
  5. The Appliance has the ability to generate an SNMP trap that is sent to an SNMP trap receiver when an alert rule is triggered. Select the alert receivers available to your devices by completing the following steps:
    1. Select the Alert Receivers tab.
    2. In the Available Alert Receivers text block, select the appropriate alert receivers available for your devices.
    3. Click Add All or Add Selected Receiver(s).
  6. Select the email recipients to be alerted with a notification email when an alert rule is triggered by completing the following steps:
    1. Select the Email Recipients tab.
    2. In the Available Users text block, select the appropriate email recipients.

      The Available Users text block lists all of the user accounts on the Appliance.

    3. Click Add All or Add Selected User(s).
  7. Click Update.