How to Create Alert Profile
To create an alert profile in the user interface, use any one of the following menu options:
- Alerts tab > Alerts Profiles > +
- Tabs: +Add > Alert
- Settings tab > Alerts > Add
Follow the procedure given below to create an alert profile.

- Enter a unique name for the alert profile
- Assign criticality for the alerts generated using this profile. The options available are High, Medium, and Low
- Alerts can be generated for selected host(s) and host group(s). Select the required host(s) and host group(s)
- Use the pre-defined alert criteria to set up alerts quickly. If you have an alert requirement that is not covered by the pre-defined criteria, use the custom alert criteria. If you have a compliance-specific alert requirement, use the compliance alert criteria. Select the alert criteria as required. Define the criteria for alerts
Pre-defined Alerts

- Select pre-defined alert to define alert criteria
- Select a pre-defined alert item
- When a pre-defined alert item is selected, the Severity/Event ID, Log Type, and Message of the log are automatically populated and the fields are non-editable. This lets you create the alert profile quickly.
- Alert generation can be further controlled, from one alert per event to one alert for a defined number of events occurring within a defined time period. Enter the number of events and the time duration for which one alert should be generated
Compliance Alerts

- Select compliance alert to define alert criteria
- When compliance alert is selected, the supported compliances are listed. The compliances are FISMA, PCI, HIPAA, SOX, and GLBA. Compliance-specific alerts are available for Failed Logon Attempts, Policy Changes, Account Changes, and Audit Logs Cleared. Select the compliance(s) as required
- Alert generation can be further controlled, from one alert per event to one alert for a defined number of events occurring within a defined time period. Enter the number of events and the time duration for which one alert should be generated
Custom Alerts

- Select custom alert to define alert criteria
- Select the log type from the list. The default value is Any. Select multiple log types using the + More link. An alert is generated if the other criteria are met for any one of the log types
- Select the severity from the list. The default value is Any. Select multiple severities using the + More link. An alert is generated if the other criteria are met for any one of the severities. If Event ID is selected, enter the event ID or use the Event ID to select the event IDs for a specific message
- Use the Log Message Contains field to trigger the alert when a specific word or phrase is found in the log message, and use the Except field to suppress the alert when a specific word or phrase is found in the log message.
- An advanced option is available for the above two fields. With this option, more than one matching word or phrase can be defined, and the match can be on any one of the words/phrases or on all of them
- Alert generation can be further controlled, from one alert per event to one alert for a defined number of events occurring within a defined time period. Enter the number of events and the time duration for which one alert should be generated
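
How the Custom Alerts fields above combine, as an added example that is not EventLog Analyzer code: it models Any defaults, the Contains/Except fields with their any/all option, and the events-per-time-period threshold, then runs them over constructed events. The class and field names are hypothetical, and case-insensitive matching and restarting the count after an alert are assumptions.

```python
from collections import deque
from dataclasses import dataclass, field

@dataclass
class CustomAlertProfile:
    """Hypothetical model of the Custom Alerts fields (not product code)."""
    log_types: set = field(default_factory=set)    # empty = "Any"
    severities: set = field(default_factory=set)   # empty = "Any"
    contains: list = field(default_factory=list)   # Log Message Contains
    contains_all: bool = False                     # advanced: all phrases vs. any one
    excepts: list = field(default_factory=list)    # Except
    excepts_all: bool = False
    threshold: int = 1                             # number of events per alert
    window_secs: int = 0                           # time duration for the threshold
    _hits: deque = field(default_factory=deque)

    @staticmethod
    def _found(message, phrases, need_all):
        hits = [p.lower() in message.lower() for p in phrases]  # assumption: case-insensitive
        return all(hits) if need_all else any(hits)

    def matches(self, ev):
        msg = ev["message"]
        if self.excepts and self._found(msg, self.excepts, self.excepts_all):
            return False                           # Except suppresses the alert
        return ((not self.log_types or ev["log_type"] in self.log_types)
                and (not self.severities or ev["severity"] in self.severities)
                and (not self.contains or self._found(msg, self.contains, self.contains_all)))

    def feed(self, ev):
        """Return True when this event triggers an alert."""
        if not self.matches(ev):
            return False
        self._hits.append(ev["time"])
        while ev["time"] - self._hits[0] > self.window_secs:
            self._hits.popleft()                   # drop events outside the time period
        if len(self._hits) < self.threshold:
            return False
        self._hits.clear()                         # assumption: counting restarts after an alert
        return True

# Constructed sample events (time in seconds, message); not real log data.
EVENTS = [{"time": t, "log_type": "Unix", "severity": "error", "message": m} for t, m in [
    (0, "Failed password for root"), (20, "Failed password for backup-test"),
    (40, "Failed password for admin"), (50, "Failed password for admin"),
    (400, "Failed password for admin")]]

def alert_times(profile, events=EVENTS):
    return [ev["time"] for ev in events if profile.feed(ev)]
```

With three events per 60 seconds and `backup-test` in Except, only the event at 50 seconds raises an alert; with the default of one alert per event, every matching event does.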
- The generated alert can be notified by Email and SMS. With Run Program, a script or program can be executed when the alert is generated, to rectify the alert condition. Select the notification option
Settings to notify alert by Email
Enter the details required for sending alert notification using email.
- Enter the email address(es). Enter multiple email addresses separated by a comma (,)
- Enter the subject line of the email notification. You can also append the alert argument(s) to the subject line. Select the arguments from the list
- You can add notes to the email notification. The maximum limit of notes is 250 characters. The notes will be appended to the email notification content

If the mail server is not configured in EventLog Analyzer, you will be prompted to set it when the Notify by Email option is selected
Settings to notify alert by Run Program
Enter the details required for running a script or program when the alert notification is triggered.
- Enter the name and location of the script file on the EventLog Analyzer client machine. Alternatively, use the Browse button to select the script file
- Specify the alert argument(s) to be passed to the script. Select the arguments from the list. The listed arguments are the source of the log, the host generating the log, and the criticality of the alert
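
One way to write a script for the Run Program option so that it validates the alert arguments before acting on them (an added example, not EventLog Analyzer code). It assumes the three listed arguments arrive positionally as source, host, criticality; the function names and the host pattern are hypothetical.

```python
import json
import re
import sys

CRITICALITIES = {"High", "Medium", "Low"}   # the criticality options listed on this page
# Assumption: hosts are DNS names or IPv4 addresses.
HOST_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,252}")

def build_record(args):
    """Validate [source, host, criticality]; raise ValueError on anything unexpected."""
    if len(args) != 3:
        raise ValueError("expected: <source> <host> <criticality>")
    source, host, criticality = args
    if criticality not in CRITICALITIES:
        raise ValueError("unknown criticality")
    if not HOST_RE.fullmatch(host):
        raise ValueError("unexpected characters in host")
    # The source comes from log content: keep printable characters, cap the length.
    source = "".join(ch for ch in source if ch.isprintable())[:128]
    return {"source": source, "host": host, "criticality": criticality}

def main(argv):
    try:
        record = build_record(argv[1:])
    except ValueError as err:
        print(f"alert arguments rejected: {err}", file=sys.stderr)
        return 2
    # Emit one JSON line; a remediation step would branch on the validated record here.
    print(json.dumps(record))
    return 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Because the values originate in log data, the script never interpolates them into a shell command and only works with the validated record.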
Settings to notify alert by SMS
Enter the details required for sending alert notification using SMS.
- Enter the mobile number to which the SMS notification is to be sent
- Enter the message of the SMS notification. You can also append the alert argument(s) to the message. Select the arguments from the list

If the SMS setting is not configured in EventLog Analyzer, you will be prompted to set it when the Notify by SMS option is selected
- Use the Add Alert Profile button to complete the alert profile creation. The created alert profile will be listed in the Alert Profile Details screen. The profiles can be enabled, disabled, modified, and deleted from the list