USP Alerts Manager

Overview

In the USP Alerts Manager, you can set up alerts to be triggered when a violation of one of your USP policies is detected for a device.

All defined alerts are listed on the screen and the numbers of alerts found is displayed; disabled alerts are displayed with a gray background and marked with the icon . To better understand violations, see Rule Viewer and Defining protected zones for a device.

When the results are displayed, you can modify or clear the query string, and redisplay as required.

Alert Details

Field

Comments

Status

If enabled, the alert has a white background. If disabled, it has a gray background and is displayed.

# Sequence

Ascending sequence of the alert displayed on the screen

Alert Name  
USP Name A specified USP name or All USPs

Domain

Displayed only when the system is configured for Multi-Domain Management

Devices

One or more specified device names or All Devices

Syslog If the alert is configured to go to syslog, the syslog icon will be shown
Recipients One or more SecureTrack users and optionally external email addresses as well
Description  
Alert Severity Triggers

One or more severities (Low, Medium, High, Critical) that will trigger the alert

Creation / Last Modified Dates  

What Can I Do Here?

Filter the Display

You can filter the display by typing aTQL query into the query field ('Search for alerts...') followed by or Enter. See alert query fields.

Add an Alert

  1. Click + ADD ALERT.

  2. Enter the fields:

    Field

    Comments

    Status

    Enabled by default. Click to set to Disabled

    Alert Name Free text

    Domain

    Enabled only for administrators working in the Multi-Domain Management Global Context. The available options depend on the user's domain permissions. The Domain field cannot be modified once created. Values:

    All Domains - The USP applies to all existing domains at the time violations are calculated

    Specific domain - The USP applies to the current selected domain only

    USP Name All USPs by default. Click to select a specific USP name from the list of USPs.
    Alert Severity Triggers

    Click on one or more severities (Low, Medium, High, Critical) that will trigger the alert

    Devices

    Default All Devices. To specify devices, click Specific Devices then move required devices from Available Devices to Selected Devices.

    To select, click on required items in the Available window and then click > to move them to the Selected window. To unselect, click on items in the Selected window and then click < to move them to the Avaliable Window,

    You can use Ctrl and/or Shift and the left mouse click to select multiple items.

    Alternatively click >> or << to move all items from one window to the other.

    Syslog Select to send alert also to syslog.
    Recipients - SecureTrack Users The current user is selected by default. Add additional users by starting to type the user name and selecting from the list displayed. To remove, hover over the user name and click X. At least one user must be selected.
    Recipients - Other Recipients Enter a valid email address and press Enter. Repeat for additional addresses. To remove, hover over the address and click X.
    Description Free text
  3. Click Save.

Edit an Alert

  1. Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
  2. All fields can be changed as described in Add an Alert, except domain
  3. Click Save.

Enable / Disable an Alert

  1. Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
  2. Click on Status to enable or disable
  3. Click Save.

Duplicate an Alert

  1. Select the desired alert and click Actions > Duplicate USP Alert. The Duplicate Alert screen is displayed.
  2. Change the alert name to a name that doesn't exist. All other fields can be changed as described in Add an Alert.
  3. Click Save.

Delete Alerts

  1. Select the desired alerts and click Actions > Edit Alert(s)
  2. Confirm the deletion by clicking Yes..

How Do I Get Here?

From the menu, click Browser > USP Alerts Manager.

Back to Top