I am trying to find a way to get an instant email alert in the case of either a Botnet or IPS incident.
The system is set up and working to receive daily reports, but I want an alert when the incident happens, do i need 3rd party software to do thins
Sign In to comment.
There is an option in Subscription Services -> IPS to enable alerts.
This would apply to any categories to which you have Log selected.
For Botnet, there is no similar setting.
Thanks Bruce. That is already set. The problem I have is that I have never received instant alerts through email notification, even when the option is set
Have you set up e-mail notifications on your Dimension or WSM Log Server
Email notification is setup on both dimension and the Log server.
Dimension sends reports daily; the log server send an email saying:-
'daily appliance reports' has completed successfully, once a day.
I am after an instant alert by email or even pop-up window, which seems to be an option when something triggers one of the subscription services.
The daily report from Dimension produces a report with the alerts the next day, which could be too late
In that case, consider opening a support incident on this.