Alert, Alert events – Fortinet FortiAnalyzer 3.0 MR7 User Manual
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
Alert
Alerts provide a method of informing you of issues arising on a FortiGate unit,
FortiClient installation, or the FortiAnalyzer unit itself, such as system failures or
network attacks, enabling you to react in a timely manner to the event.
You can configure alert conditions on the FortiAnalyzer unit, specifying which
devices and which log messages to monitor, and what to do when a log message
appears that meets the alert conditions.
Alert Events
Alert events define log message types, severities and sources which trigger
administrator notification. For example, you could configure a trigger on the attack
logs with an SMTP server output if you want to receive an alert by email when
your network detects an attack attempt.
You can choose to notify administrators by email, SNMP or Syslog, as well as
through the Alert Console Messages section of the Dashboard. For more information
on viewing alerts locally, see “Viewing alert console messages” on page 34.
To view configured alert events, go to Alert > Alert Event.
Figure 1: Alert events list
Create New
Select to add a new alert event.
Delete
Select to remove multiple alert events from the table. To do this, select the check box next to the alert events and select Delete.
Name
The name given to the alert event.
Devices
The devices the FortiAnalyzer unit is monitoring for the alert event.
Triggers
The log message packets the FortiAnalyzer unit is monitoring for the alert event.
Destination
The location where the FortiAnalyzer unit sends the alert message. This can be an email address, SNMP Trap or syslog server.
Action
Select Delete to remove the alert event. Select Edit to change the alert event configuration.
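The following Python sketch is an added illustration, not FortiAnalyzer code or configuration. It models how the Devices, Triggers and Destination columns above combine to decide which alert events a log message fires. The key=value field names (device_id, type, pri), the "at or above this severity" threshold rule, the device names and the destinations are assumptions made for the example.

```python
import shlex

# Syslog-style severity names, most severe first (ordering assumed for this sketch).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notification", "information", "debug"]

# Constructed alert events using the list columns Name, Devices, Triggers, Destination.
ALERT_EVENTS = [
    {"name": "attack-to-email", "devices": {"FGT-branch-01"},
     "triggers": {"attack": "warning"},   # log type -> least severe level that fires
     "destination": ("email", "secops@example.com")},
    {"name": "system-to-syslog", "devices": {"FGT-branch-01", "FGT-hq-01"},
     "triggers": {"event": "critical"},
     "destination": ("syslog", "192.0.2.10")},
]

def parse_log(line):
    """Split a key=value log line into a dict; quoted values may contain spaces."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def matching_alerts(line, events=ALERT_EVENTS):
    """Return (name, destination) for every alert event the log line satisfies."""
    log = parse_log(line)
    sev = log.get("pri", "").lower()
    if sev not in SEVERITIES:
        return []  # unknown or missing severity never fires an alert
    hits = []
    for ev in events:
        threshold = ev["triggers"].get(log.get("type"))
        if threshold is None or log.get("device_id") not in ev["devices"]:
            continue  # log type not watched, or device not monitored by this event
        if SEVERITIES.index(sev) <= SEVERITIES.index(threshold):
            hits.append((ev["name"], ev["destination"]))
    return hits

# Constructed sample log lines (not captured from a real device).
SAMPLE_LOGS = [
    'device_id=FGT-branch-01 type=attack pri=alert msg="signature match"',
    'device_id=FGT-branch-01 type=attack pri=information msg="scan summary"',
    'device_id=FGT-hq-01 type=event pri=critical msg="disk failure"',
    'device_id=FGT-lab-09 type=attack pri=emergency msg="unmonitored device"',
]

if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        print(matching_alerts(line), "<-", line)
```

The last sample line shows the gap to watch for when reviewing an alert events list: a high-severity attack log from a device that no alert event names in its Devices column produces no notification.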