On This Page
From January 01, 2023, TOS R21-3 Classic is EOL. Technical support will be available for a limited period to customers with Extended Support agreements.
Policy Change, Administrative, Heartbeat, Audit Trail
The notifications you can configure are:
- Policy Change Notifications provide real-time information on changes to monitored firewall policies, similar to the information provided in the New Revision report.
Policy Change Notifications can be sent in the following ways:
- Send by SNMP Traps: SNMP Notifications are sent to the SNMP Server configured here:
- SNMP Server: Configure the IP address of the SNMP server which SecureTrack should send Policy Change SNMP Traps to.
- SNMP Community: Choose the SNMP Community string, which will be used in the Policy Change SNMP traps. The community string is often used as a method of easy identification and classification of different SNMP traps.
- Send by syslog: Policy Change Notifications are sent to the server configured under Configuring Servers.
- Send by SNMP Traps: SNMP Notifications are sent to the SNMP Server configured here:
- SecureTrack Administrative Alerts notify administrators of the following types of problems with the SecureTrack server or appliance:
- Disk usage
- License status
- Device connectivity
- SecureTrack processes
Administrative Alerts can be sent the following ways:
- Send by syslog: The alerts are sent to the syslog server configured under Configuring Servers.
- Send by email: The alerts are sent to the Recipients configured here (SecureTrack Administrators only), using the SMTP server configured under Configuring Servers.
- SecureTrack Heartbeat: Periodically sent SNMP Notifications indicating the monitoring statuses of monitoring processes, for Check Point management servers only. To enable the SecureTrack Heartbeat, select Send periodic SNMP traps, and configure the following:
- SNMP Server: The IP address of the SNMP server to which SecureTrack should send Hearbeat SNMP Traps.
- SNMP Community: The SNMP Community string, which will be used in the Heartbeat SNMP traps. The community string is often used as a method of easy identification and classification of different SNMP traps.
- Frequency: The Heartbeat SNMP trap frequency (in seconds).
- SecureTrack Audit Trail: When you select Send by syslog, SecureTrack sends syslog messages to the configured syslog server with the username and time for the events listed in the audit trail.
The areas of SecureTrack that are audited are:
System Configuration |
Device Monitoring, Analysis and Reporting |
|
|
Each action is listed with:
- The date and time of the action
- The username of the user that did the action
- The IP address of the host from which the action was done (automatic actions, such as scheduled reports, are listed without a user IP address)
- The category or feature area that the action belongs to
- The type of action, such as add, remove, modify, or generate report
- The type of object and object name to which the action was done
- A description of the action