User guide
ManageEngine Firewall Analyzer :: User Guide
128
Zoho Corp.
Notifications
Creating an Alert Profile
An alert is triggered whenever an event matching a specific criteria is generated. An
alert profile lets you define such specific criteria, and also notify you by email, when the
corresponding alert is triggered.
• Creating New Alert Profile
• Example Alert Profile
Creating a New Alert Profile
Click the Add Alert Profile link to create a new alert profile. You can find this link on
the sub tab or in the Alerts box in the left navigation pane when the Alerts tab is
selected.
1. Enter a unique name for the alert profile in the Profile Name field.
2. Select the Profile Type:
a. Normal Alert Profile
i. Select Device(s) for which the alert needs to be triggered by
selecting the Select All check box or selecting the check boxes of
required devices.
ii. Criteria for which the alert needs to be triggered. You can use the
logical and/or of the selected critera using Match all of the
following or Match any of the following selections. You can set
criteria based on the Severity, Protocol, Date, Received (in Bytes),
Sent (in Bytes), Source, User, Destination, URL, Status, File Name,
Rule, VPN, Virus, Attack, Protocol Identifies, Message, Duration (in
seconds), Record Type, Log ID, Category. Use the Add and
Remove links to specify more or fewer criteria for the alert.
iii. Threshold:
The Priority of the alert can be High, Medium, or Low based on
your requirement for notification. Select the appropriate Priority.
iv. Enter the threshold criteria for the alert to be triggered.
For example: Alert for every: 5 Events generated within 2 Minutes
Here, Events refer to the criteria that has been defined above.
v. Select the owner for the alert from the Assign Owner: combo box.
The combo box lists all the available users in the Firewall Analyzer.
vi. You can Apply Threshold to:
Either, All Devices Selected, in which case the alert will be
triggered when all the firewalls cumulatively crosses the threshold
set in the threshold criteria above.
Or, Each Device Selected, in which case the alert will be
triggered when each firewall crosses the threshold set in the
threshold criteria above.
vii. Notification:
Select the check box Send the notifications once and do not
send for <This Day, This Week, This Month, Custom Period>,
to send only one alert notification for the selected period,
irrespective of any number of alerts generated during the selected