Alert

Alerts provide a method of informing you of issues arising on a FortiGate unit, FortiClient installation, or the FortiAnalyzer unit itself, such as system failures or network attacks, enabling you to react in a timely manner to the event.

You can configure the FortiAnalyzer unit alert conditions, instructing the FortiAnalyzer unit what devices and what log messages to monitor, and what to do in the event a log message appears meeting the alert conditions.

This section includes the following topics:

Alert Events

Output

Alert Events

Alert events define log message types, severities and sources which trigger administrator notification. For example, you could configure a trigger on the attack logs with an SMTP server output if you want to receive an alert by email when your network detects an attack attempt.

You can choose to notify administrators by email, SNMP or Syslog, as well as the Alert Console Messages section of the Dashboard. For more information on viewing alerts locally, see “Viewing alert console messages” on page 34.

To view configured alert events, go to Alert > Alert Event.

Figure 1: Alert events list

Create New

Select to add a new alert event.

Delete

Select to remove multiple alert events from the table. To do this, select the check box next to the alert events and select Delete.

Name

The name given to the alert event.

Devices

The devices the FortiAnalyzer unit is monitoring for the alert event.

Triggers

The log message packets the FortiAnalyzer unit is monitoring for the alert event.

Destination

The location where the FortiAnalyzer unit sends the alert message. This can be an email address, SNMP Trap or syslog server.

Action

Select Delete to remove the alert event. Select Edit to change the alert event configuration.

FortiAnalyzer Version 3.0 MR7 Administration Guide

 

05-30007-0082-20080908
