Alert Types
The alert types are:
- Adaptive Baseline Alert
- Use the Adaptive Baseline Alert to notify you if message rates fall above or below your average baseline range for the specified day and time of the week.
- Cisco PIX/ASA Messages Alert
- The Cisco PIX Messages alert allows for triggering on PIX message criticality, code, and message rate. Since this alert is specific to Cisco PIX messages, the alert device selection is limited to Cisco PIX devices.
- Message Volume Alert
- The Message Volume-Based alert allows alerting when message volume falls below, or is above, preset messages-per-second thresholds. This alert applies to all devices.
- Network Policy Alert
- The Network Policy Alert allows for auditing firewall policies. The Network Policy Alert Rules should mirror your firewall policy rules. Any firewall messages matching the Deny Policy Action Rules trigger the alert, or outside of the Accept Policy Action Rules, trigger the alert.
- Search Filter Alert
- The Pre-Defined Search Filter Alert allows for alert notification when a text search match occurs within the received log message. This alert leverages the Log Appliance search filters for the text search match definitions. To define the text match for the alert, use Search Filters on the navigation tree.
- Ratio Based Alert
- The Ratio Based Alert triggers when the percentage of a specified message type exceeds or falls below specified percentages.
For example, the Denied/(Accept+Denied) Alert Ratio can be used to trigger an alert when the number of Denied messages exceeds 90% of the Accept and Denied message count.
- System Alert
- The System Alert allows for notification when system health and status criteria exceed acceptable bounds.
- VPN Connection Alert
- The VPN Connection Alert triggers when a VPN connection is denied access and/or disconnected. The VPN Connection alert is only applicable to Cisco VPN, Radius, and Nortel Contivity devices.
- VPN Message Alert
- The VPN Message Alert triggers on combinations of specific VPN message area, severity, and code. This alert is applicable to Cisco VPN devices.
- VPN Statistics Alert
- The VPN Statistics Alert triggers when recorded statistics on VPN or Radius messages match relative or absolute criteria.
For example, you can configure an alert to trigger when the Number of Bytes Received per day for a specific user exceeds 1Mb per day, which is an absolute value. The alert rule can also be configured as a relative rule, such as “grows by 10%.”
Copyright © Cloud Software Group, Inc. All rights reserved.