Setting up alerts
How to: Hint on setting up alerts
First, always check if any of the predefined alert criteria would satisfy the requirement. Proceed with custom alerts only if the requirement is very peculiar.
Log on to GUI ⇾ Go to the "Alerts" tab ⇾ click on "Add Alert Profile" at the right-top corner
In this page, enter the Alert Profile Name (this cannot be edited in the future), choose Severity, and select the devices whose logs should be considered.
In "Select alert" field:
Under the "Predefined Alerts" tab, choose the appropriate "Alert log type" from the drop-down box, and the suitable criteria (If further filtering of the list of criteria is required, use the "Alert Category" drop-down box).
Note: Upon clicking on "Add Criteria at the right-bottom corner, the window will be redirected to the "Custom Alerts" tab to add additional criteria as required. |
Under "Compliance Alerts", the criteria are grouped based on the respective compliance.
Under "Custom Alerts", the user can define criteria for his unique requirements. This option is very customizable that even a single keyword in the log can be used. Note: Using "AND" operand implies that both the criteria should be satisfied and using "OR" operand implies that at least one should be satisfied.
Note: Alternatively, the search results in the "Search" tab can be saved on a new Alert Profile directly. This method will also give a confirmation about the correctness of the criteria. |
Alert Format Message: The details in the alert results under the "Alert" tab depends on the Macro used in this option.
In Advanced Configuration:
Threshold: The alert profile will be triggered only if the given number of events occur within the given time.
Time Range: Only the events generated during this period will be taken into account.
Alert Notification: Email/SMS details should be configured here. Also, there is an option to choose when the alerts to be delivered.
New to ADSelfService Plus?
Related Articles
What to do if the Alerts stopped triggering or is getting delayed?
Open the EventLog Analyzer GUI, go to the Alerts tab ⇾ click on "More tools" at the right-top corner and click on "Manage Profiles". Ensure the alert profile is enabled. Click on "Update" next to the Alert Profile name, ensure that the "Email ...Log collection failure alerts
Device down alert: When configured devices don't respond to pings from EventLog Analyzer, it implies either of the following: The selected Syslog devices are not sending logs to EventLog Analyzer. EventLog Analyzer has not collected logs from the ...Prerequisites to simulate Ransomware correlation rule in EventLog Analyzer
Prerequisites to simulate Ransomware correlation rule in EventLog Analyzer: 1) Ensure to add the target machine inside EventLog Analyzer(Product Configuration): Refer: Adding Windows Devices On adding a windows device, the default monitoring interval ...Understanding your log management solution
Key log terminologies When managing logs, there are terminologies that will help you make the most of the product in hand. Following are the list of such terms and their definitions as used in EventLog Analyzer. Agentless and agent-based log ...Introduction to EventLog Analyzer
What is log management? An enterprise network consists of different entities—perimeter devices, workstations, servers, applications, and more. Each entity records every activity that unfolds within it in the form of logs. These logs hold information ...