Kaspersky Anti Targeted Attack Platform

Sending notifications

Users with the Administrator, Senior security officer, or Security officer roles can configure forwarding of notifications to one or multiple email addresses.

You can create notifications about alerts and system health.

Notifications contain a link to the application web interface. Make sure that the name assigned to the Central Node server for use by DNS servers is correct and can be resolved by the DNS server. If the name is incorrect or if the DNS server cannot resolve it, the link to the web interface in the notification will not work.

Users with the Security auditor role can view the list of rules for sending notifications, the properties of a selected rule, and the mail server connection settings, but cannot edit them.

For notifications to be sent to an email address correctly, you must first configure the connection to the mail server. The connection must be configured by the Administrator.

In this Help section

Viewing the table of rules for sending notifications

Creating a rule for sending notifications about alerts

Creating a rule for sending notifications about the operation of application components

Enabling and disabling a rule for sending notifications

Modifying a rule for sending notifications

Deleting a rule for sending notifications

Filtering and searching notification forwarding rules by rule type

Filtering and searching notification forwarding rules based on the notification subject

Filtering and searching notification forwarding rules by email address

Filtering and searching notification forwarding rules based on their status

Clearing a notification forwarding rule filter

[Topic 247787]

Viewing the table of rules for sending notifications

Rules for sending notifications are displayed in the Settings section, Notifications subsection of the application web interface window.

The table of rules for sending notifications contains the following information:

  • Type is the type of rule for sending notifications.

    The following types of rules are possible:

    • Alerts is a rule for sending a notification about alerts.
    • Application operation is a rule for sending a notification about the operation of application components.
  • Subject—Subject of the message containing the notification.
  • To—Email addresses to which the notifications are sent.
  • State—Status of the rule for sending a notification.
[Topic 176114]

Creating a rule for sending notifications about alerts

To create a rule for sending notifications about alerts:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click Add.

    This opens the New rule window.

  4. In the To field, enter one or multiple email addresses to which you want to send notifications.

    You can enter several email addresses if you separate them with commas.

  5. In the Subject field, enter the subject of the notification message.
  6. If you want the application to insert the alert importance into the message subject, add the %importance% macro to the Subject field.
  7. In the Notification type field, select Alerts.
  8. In the Alert importance drop-down list, select the minimum alert importance for which you want notifications to be sent.

    For example, you can configure forwarding of notifications for only alerts that have high importance, or for only those that have medium or high importance.

  9. In the Source or destination field, enter an IP address and network mask if you want to send notifications about alerts associated with a specific source or destination IP address or subnet address.
  10. In the Email field, enter an email address if you want to send notifications about alerts associated with a specific email sender or recipient address.
  11. Under Components, select check boxes next to the names of one or multiple technologies if you want to send notifications about alerts generated by specific technologies.
  12. Click Add.

The rule for sending notifications about alerts will be added to the list of rules. To send notifications to the specified email address, you must enable the notification rule. Notifications are sent once to each of the email addresses configured for this rule.

Users with the Administrator and Security auditor roles cannot create rules for sending alert notifications.

In distributed solution mode, you must create notifications separately for each subordinate server (Secondary Central Node, SCN).
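
The following sketch models how the fields of an alert notification rule narrow the set of alerts that produce a message. It is an added illustration, not Kaspersky code: the alert dictionary layout, the component name TECH_A, the low/medium/high ordering, the literal text substituted for %importance%, and the assumption that all filled-in filters must match together are hypothetical.

```python
import ipaddress
from dataclasses import dataclass, field

# Importance ordering assumed for this sketch (lowest to highest).
LEVELS = {"low": 0, "medium": 1, "high": 2}

@dataclass
class AlertRule:
    to: str                       # To field: comma-separated addresses
    subject: str                  # Subject field, may hold the %importance% macro
    min_importance: str = "low"   # Alert importance: minimum level that notifies
    network: str = ""             # Source or destination: "IP/mask" (optional)
    email: str = ""               # Email: sender or recipient address (optional)
    components: set = field(default_factory=set)  # empty set = any technology
    enabled: bool = False         # a newly added rule sends nothing until enabled

    def recipients(self):
        return [a.strip() for a in self.to.split(",") if a.strip()]

    def matches(self, alert):
        if not self.enabled:
            return False
        if LEVELS[alert["importance"]] < LEVELS[self.min_importance]:
            return False
        if self.network:
            # Accepts both prefix (/16) and dotted (/255.255.0.0) masks.
            net = ipaddress.ip_network(self.network, strict=False)
            ips = (alert.get("src_ip"), alert.get("dst_ip"))
            if not any(ip and ipaddress.ip_address(ip) in net for ip in ips):
                return False
        if self.email:
            seen = {alert.get("mail_from", "").lower(),
                    alert.get("mail_to", "").lower()}
            if self.email.lower() not in seen:
                return False
        if self.components and alert["component"] not in self.components:
            return False
        return True

    def render(self, alert):
        """One (recipient, subject) pair per address; empty list if no match."""
        if not self.matches(alert):
            return []
        subject = self.subject.replace("%importance%", alert["importance"])
        return [(rcpt, subject) for rcpt in self.recipients()]

# Constructed sample rule and alerts (documentation address ranges).
RULE = AlertRule(to="soc@example.com, ir@example.com",
                 subject="[KATA] %importance% alert", min_importance="medium",
                 network="10.20.0.0/255.255.0.0", components={"TECH_A"},
                 enabled=True)
HIGH = {"importance": "high", "src_ip": "10.20.3.7",
        "dst_ip": "198.51.100.9", "component": "TECH_A"}
LOW = dict(HIGH, importance="low")        # below the minimum importance
OUTSIDE = dict(HIGH, src_ip="192.0.2.1")  # neither address in the subnet
```

Running a planned rule against a few representative alerts this way shows whether a threshold or subnet filter would silently suppress notifications before the rule is entered in the web interface.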

[Topic 247786]

Creating a rule for sending notifications about the operation of application components

To create a rule for sending notifications about the operation of application components:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click Add.

    This opens the New rule window.

  4. In the To field, enter one or multiple email addresses to which you want to send notifications.

    You can enter several email addresses if you separate them with commas.

  5. In the Subject field, enter the subject of the notification message.
  6. If you want the application to insert the alert importance into the message subject, add the %importance% macro to the Subject field.
  7. In the Notification type field, select Application operation.
  8. Under Components, select check boxes next to the names of the application's functional areas for which you want to receive notifications.
  9. Click Add.

The rule for sending notifications about the operation of application components is added to the list of rules. To send notifications to the specified email address, you must enable the notification rule. Notifications are sent once to each of the email addresses configured for this rule.

Users with the Security auditor role cannot create rules for sending notifications about application operation.

In distributed solution mode, notifications are configured separately for each subordinate server (Secondary Central Node, SCN).

[Topic 247788]

Enabling and disabling a rule for sending notifications

To enable or disable a rule for sending notifications about alerts:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. In the State column, enable or disable the rule for sending notifications using the toggle switch next to the rule.

The state of the rule for sending notifications about alerts will be modified.

Users with the Security auditor role cannot enable or disable notification rules.

[Topic 247789]

Modifying a rule for sending notifications

To edit a rule for sending notifications:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. In the list of rules for sending notifications, select the rule that you want to modify.

    This opens the Edit rule window.

  4. Make the relevant changes.
  5. Click Save.

The rule for sending notifications will be modified.

Users with the Security auditor role cannot edit rules for sending notifications.

[Topic 247790]

Deleting a rule for sending notifications

To delete a rule for sending notifications:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Select the check box to the left of the name of each rule that you want to delete.

    If you want to delete all rules, select the check box above the list.

  4. Click Delete in the lower part of the window.
  5. In the confirmation window, click Yes.

The selected rules will be deleted.

Users with the Security auditor role cannot delete rules for sending notifications.

[Topic 247791]

Filtering and searching notification forwarding rules by rule type

To filter or search notification rules by rule type:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click the filter icon (kata_icon_ioc_pcn) in the table of rules for sending notifications.

    This opens the filter configuration window.

  4. Select one of the following options:
    • All
    • Alerts
    • Application operation

The table of notification forwarding rules will display only rules that match the filter criteria you have set.

You can use multiple filters at the same time.

[Topic 247792]

Filtering and searching notification forwarding rules based on the notification subject

To filter or search for notification rules by notification subject:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click the Subject link to open the filter configuration window.
  4. Enter one or several characters of the notification subject.
  5. Click Apply.

The filter configuration window closes.

The table of notification forwarding rules will display only rules that match the filter criteria you have set.

You can use multiple filters at the same time.

[Topic 247793]

Filtering and searching notification forwarding rules by email address

To filter or search for notification rules by destination email address:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click the To link to open the filter configuration window.
  4. Enter one or several characters of the email address.
  5. Click Apply.

The table of notification forwarding rules will display only rules that match the filter criteria you have set.

You can use multiple filters at the same time.

[Topic 247794]

Filtering and searching notification forwarding rules based on their status

To filter or search for notification rules by status:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click the State link to open the filter configuration window.
  4. Select one or several check boxes next to the values of statuses:
    • Enabled
    • Disabled
  5. Click Apply.

The filter configuration window closes.

The table of notification forwarding rules will display only rules that match the filter criteria you have set.

You can use multiple filters at the same time.

[Topic 247795]

Clearing a notification forwarding rule filter

To clear the notification rule filter for one or more filtering criteria:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click Delete to the right of the header of the column in the notification forwarding rules table for which you want to clear the filter conditions.

    If you want to clear several filter conditions, perform the necessary actions to clear each filter condition.

The selected filters are cleared.

The table of notification forwarding rules will display only rules that match the filter criteria you have set.

[Topic 247796]