On This Page
USP Alerts Manager
Overview
In the USP Alerts Manager, you can set up alerts to be triggered when a violation of one of your USP policies is detected for a device.
All defined alerts are listed on the screen and the numbers of alerts found is displayed; disabled alerts are displayed with a gray background and marked with the icon . To better understand violations, see Rule Viewer and Defining protected zones for a device.
When the results are displayed, you can modify or clear the query string, and redisplay as required.
Alert Details
Field |
Comments |
---|---|
Status |
If enabled, the alert has a white background. If disabled, it has a gray background and is displayed. |
# Sequence |
Ascending sequence of the alert displayed on the screen |
Alert Name | |
USP Name | A specified USP name or All USPs |
Domain |
Displayed only when the system is configured for Multi-Domain Management |
Devices |
One or more specified device names or All Devices |
Syslog | If the alert is configured to go to syslog, the syslog icon will be shown |
Recipients | One or more SecureTrack users and optionally external email addresses as well |
Description | |
Alert Severity Triggers |
One or more severities (Low, Medium, High, Critical) that will trigger the alert |
Creation / Last Modified Dates |
What Can I Do Here?
- Filter the display
- Add an alert
- Edit an alert
- Enable / disable an alert
- Duplicate an alert
- Delete alerts
Filter the Display
You can filter the display by typing aTQL query into the query field ('Search for alerts...') followed by or Enter. See alert query fields.
Add an Alert
-
Click + ADD ALERT.
-
Enter the fields:
Field Comments
Status
Enabled by default. Click to set to Disabled
Alert Name Free text Domain
Enabled only for administrators working in the Multi-Domain Management Global Context. The available options depend on the user's domain permissions. The Domain field cannot be modified once created. Values:
All Domains - The USP applies to all existing domains at the time violations are calculated
Specific domain - The USP applies to the current selected domain only
USP Name All USPs by default. Click to select a specific USP name from the list of USPs. Alert Severity Triggers Click on one or more severities (Low, Medium, High, Critical) that will trigger the alert
Devices
Default All Devices. To specify devices, click Specific Devices then move required devices from Available Devices to Selected Devices.
To select, click on required items in the Available window and then click > to move them to the Selected window. To unselect, click on items in the Selected window and then click < to move them to the Avaliable Window,
You can use Ctrl and/or Shift and the left mouse click to select multiple items.
Alternatively click >> or << to move all items from one window to the other.
Syslog Select to send alert also to syslog. Recipients - SecureTrack Users The current user is selected by default. Add additional users by starting to type the user name and selecting from the list displayed. To remove, hover over the user name and click X. At least one user must be selected. Recipients - Other Recipients Enter a valid email address and press Enter. Repeat for additional addresses. To remove, hover over the address and click X. Description Free text - Click Save.
Edit an Alert
- Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
- All fields can be changed as described in Add an Alert, except domain
- Click Save.
Enable / Disable an Alert
- Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
- Click on Status to enable or disable
- Click Save.
Duplicate an Alert
- Select the desired alert and click Actions > Duplicate USP Alert. The Duplicate Alert screen is displayed.
- Change the alert name to a name that doesn't exist. All other fields can be changed as described in Add an Alert.
- Click Save.
Delete Alerts
- Select the desired alerts and click Actions > Edit Alert(s)
- Confirm the deletion by clicking Yes..
How Do I Get Here?
From the menu, click Browser > USP Alerts Manager.