USP Alerts Manager

Overview
What Can I Do Here?
How Do I Get Here?

Overview

In the USP Alerts Manager, you can set up alerts to be triggered when a violation of one of your USP policies is detected for a device.

All defined alerts are listed on the screen and the numbers of alerts found is displayed; disabled alerts are displayed with a gray background and marked with the icon . To better understand violations, see Rule Viewer and Defining protected zones for a device.

When the results are displayed, you can modify or clear the query string, and redisplay as required.

Alert Details

Field	Comments
Status	If enabled, the alert has a white background. If disabled, it has a gray background and is displayed.
# Sequence	Ascending sequence of the alert displayed on the screen
Alert Name
USP Name	A specified USP name or All USPs
Domain	Displayed only when the system is configured for Multi-Domain Management
Devices	One or more specified device names or All Devices
Syslog	If the alert is configured to go to syslog, the syslog icon will be shown
Recipients	One or more SecureTrack users and optionally external email addresses as well
Description
Alert Severity Triggers	One or more severities (Low, Medium, High, Critical) that will trigger the alert
Creation / Last Modified Dates

Filter the Display

You can filter the display by typing aTQL query into the query field ('Search for alerts...') followed by or Enter. See alert query fields.

Add an Alert

Click + ADD ALERT.

Enter the fields:

Field	Comments
Status	Enabled by default. Click to set to Disabled
Alert Name	Free text
Domain	Enabled only for administrators working in the Multi-Domain Management Global Context. The available options depend on the user's domain permissions. The Domain field cannot be modified once created. Values: All Domains - The USP applies to all existing domains at the time violations are calculated Specific domain - The USP applies to the current selected domain only
USP Name	All USPs by default. Click to select a specific USP name from the list of USPs.
Alert Severity Triggers	Click on one or more severities (Low, Medium, High, Critical) that will trigger the alert
Devices	Default All Devices. To specify devices, click Specific Devices then move required devices from Available Devices to Selected Devices. To select, click on required items in the Available window and then click > to move them to the Selected window. To unselect, click on items in the Selected window and then click < to move them to the Avaliable Window, You can use Ctrl and/or Shift and the left mouse click to select multiple items. Alternatively click >> or << to move all items from one window to the other.
Syslog	Select to send alert also to syslog.
Recipients - SecureTrack Users	The current user is selected by default. Add additional users by starting to type the user name and selecting from the list displayed. To remove, hover over the user name and click X. At least one user must be selected.
Recipients - Other Recipients	Enter a valid email address and press Enter. Repeat for additional addresses. To remove, hover over the address and click X.
Description	Free text

Click Save.

Edit an Alert

Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
All fields can be changed as described in Add an Alert, except domain
Click Save.

Enable / Disable an Alert

Click on the alert name, or select the desired alert and click Actions > Edit Alert. The Edit Alert screen is displayed.
Click on Status to enable or disable
Click Save.

Duplicate an Alert

Select the desired alert and click Actions > Duplicate USP Alert. The Duplicate Alert screen is displayed.
Change the alert name to a name that doesn't exist. All other fields can be changed as described in Add an Alert.
Click Save.

Delete Alerts

Select the desired alerts and click Actions > Edit Alert(s)
Confirm the deletion by clicking Yes..

How Do I Get Here?

From the menu, click Browser > USP Alerts Manager.