We have recently moved all of our firewalls to the cloud for reporting,
However since then we no are no longer getting email notifications whenever there is a policy matched on the firewall or a change has been made to the config.
Is there anywhere in the cloud to set this up or do we still need to use a Dimension VM or WSM Log server purely for sending the notifications?
Sign In to comment.
I believe that you do still need to use a Dimension VM or WSM Log server for e-mail notifications
Bruce is correct for the time being. I believe WatchGuard's Cloud Roadmap has lots of enhancements and updates slated for Q3 & Q4 that will address features like that.
For the time being, we use both the Cloud and a Dimension VM for notifications/alarms.
It might also be worth looking into the Technology Integrations such as Autotask, which happens to be our ticketing system and allows the fireboxes to generate their own tickets with a designated queue and priority.
Currently in the Cloud you can create some basic rules for specific devices such as the Device Status. (Subscriber view: Administration > Notifications > Rules)
@Tomcat31 @Bruce_Briggs @Masters
Email notifications for Firebox events/alarms have been added to WatchGuard Cloud TODAY! Please note that the default setting is to Send All Events, which, depending upon how you have your Firebox configured, can result in a LOT of emails. The Notification Rule supports a Send At Most parameter so you can specify the maximum number of emails you want the rule to send in a single day. Note that the rule will apply to all Fireboxes in that particular account, so if you set the cap to 1000 emails (the current max, which we will increase within the next couple of weeks) you will stop receiving Firebox alarms once you have had 1000 triggering events accumulated across all of your Fireboxes. We'll continue to work on Firebox notifications, but we wanted to get this initial iteration into the product to close the gap with on-prem Dimension.
Exactly where is the Notification Rule ?
I'm not finding it at the moment.
Administration -> Notifications
Click Rules then Add Rule
Notification Source: Devices
Notification Type: device_alarms
Ah - your earlier post suggested that this was a preexisting rule, not one that we needed to add to modify the default setting.
Not sure about the thinking that we need to add a rule to override the default .... instead of adding a rule to do what we want.
Where do we find the "Send At Most" parameter ?
I'm not seeing it as an option on adding the notification rule.
OK got it - one needs to select a delivery method in order to see the Frequency field option