Alert Rule Action
In this section:
Configuring Alert Rules
Alert rules allow you to set up alert notifications matched with incoming events sent from client computers to the Management Server. Alert notifications can be sent via SNMP or as email notifications via SMTP. You can assign severity levels to alert notifications according to requirements.
SMTP
Alerts are the only functionality in Management Center that can utilize SMTP. The SMTP node allows you to enable or disable email notifications and configure the user to which email notifications are sent regarding this alert.
SMTP Enable
Enable SMTP — When selected, SMTP email notifications are enabled according to the configuration settings when alert rule criteria are met.
SMTP Configuration
SMTP configuration settings allow you to specify the server to which emails are sent and the email header details including To, From and Subject details.
Expand Server Settings and E-mail Settings to display the configuration settings.
Property |
Configuration |
|
---|---|---|
Server Settings | Server | Enter the path to the email server through which email notifications are sent to the specified user. |
User Name | User name with which the Management system accesses the email server. | |
Password | Password for the user profile with which the Management System accesses the email server. | |
E-mail Settings | To | Address to which email notifications are sent about the current alert. |
From | Address from which email notifications are sent about the current alert. | |
Subject | Subject line displayed in email notifications about the current alert. |
Create a SMTP Alert for Application Execution Denied
You can setup an SMTP alert to send an email when an application execution is denied.
- Select the Alerts button in the navigation pane.
- Expand the Alert Rules node.
- Select and expand the rule the Application Execution Denied rule in the navigation pane.
- If required, click the Criteria node and specify criteria, for example, a user name.
- Expand the Actions node.
- To send email messages when the alert criteria is met, select the SMTP node, select Enable SMTP and specify the email settings in the SMTP configuration area.
SNMP
The SNMP node allows you to enable or disable trap generation when alert rule criteria are met.
SNMP Configuration
Enable SNMP — When selected, SNMP traps are generated when alert rule criteria are met.
Create a SNMP Trap
The following steps detail how to generate SNMP traps with the Management Center. These steps should be followed for each Management Server if multiple servers are using the same database.
- Enable the Microsoft SNMP Service on the Management Server
On Windows Server 2008 R2 or later, use Microsoft Server Manager to ensure that the feature SNMP Services > SNMP Service is installed.
- Configure the SNMP
Service to Raise SNMP Traps:
- Within the Services control panel, launch the property sheet of the SNMP Service.
- On the Traps tab, set Community name to be public and click Add to list.
- Under Trap Destination click Add and enter the name of the SNMP monitoring server.
- On the Security tab, enable Send authentication trap, ensure public (READ_ONLY) is added to the Accepted Community Names and also enable Accept SNMP packets from any host.
- Restart the SNMP Service and then the Ivanti Alerts Service.
-
Enable SNMP in the Management Console:
To generate SNMP traps when the criteria for an alert rule are met:
- Select the Alerts button in the navigation pane.
- Expand the Alert Rules node.
- Expand the rule that you want to generate the SNMP trap for.
- Select the SNMP node. The SNMP work area displays.
- Select Enable SNMP.