Alert settings

Use this page to configure additional alerts or change the default settings of predefined alerts.

Navigation: Reports > Alerts > Alert settings.

Alerts
Enabled Turns on alerts.
Bandwidth Monitor
Direction Indicates if the alert is monitoring the bandwidth of Incoming or Outgoing traffic.
Traffic For

What traffic type that you want to monitor bandwidth for:

Setting Description
Total For all interfaces configured on your Smoothwall.
Any IP Any IP address using the Smoothwall Filter and Firewall.
Single application A single, specified application. An additional list will appear for you to specify the application.
Single application group A single, specified application group. An additional list will appear for you to specify the application group.
Time period The time period to monitor bandwidth for.
Exceeding bandwidth

The bandwidth at which the Smoothwall Filter and Firewall sends an alert.

Setting Description
MB The maximum amount of data usage, in megabytes, permitted before the alert is triggered.
kbps The average data transfer rate, in kilobits per second, permitted before the alert is triggered.

Note: The Smoothwall Filter and Firewall calculates the bandwidth used to two decimal places.

Mark Indicates that this
Remove Removes the selected alert.
Add Adds your new alert to the table.
Email Virus Monitor
Monitor POP3 proxy for viruses Turns on alerting if malware is detected when loading via POP3.
Monitor SMTP relay for viruses Turns on alerting if malware is detected when relaying via SMTP.
Save Turns on your alerts.
Firewall notification
Monitor source (remote) IP addresses detects suspicious inbound communication from remote IP addresses. Alerts are generated if a rapid series of inbound requests from the same remote IP address is detected.
Monitor source (remote) ports detects suspicious inbound communication from remote ports. Alerts are generated if a rapid series of inbound requests from the same remote port is detected.
Monitor destination (local) IP addresses detects suspicious inbound communication to local IP addresses. Alerts are generated if a rapid series of inbound requests to the same local IP address is detected.
Monitor destination (local) ports detects suspicious inbound communication to local ports. Alerts are generated if a rapid series of inbound requests to the same local port is detected.
Warning threshold the number of hits from the source IP addresses before the warning alert is triggered.
Incident threshold the number of hits from the source IP addresses before the incident alert is triggered.
Ignore A comma-separated list of source IP addresses that should be ignored for this alert.
Save Saves your changed settings.
Global Proxy
Monitor for incorrect certificates Indicates that Smoothwall alerts you when a client fails to present the correct certificate. This is either due to the client having the wrong certificate, or due to unauthorized access.
Monitor for DoS attempts Turn off alerting when a client, with a valid certificate, repeatedly attempts a connection. Repeated connections from a client are assumed to be a Denial of Service (DoS) attempt.
Health Monitor
Web servers (HTTP) Retrieves the specified webpage and looks for specific keywords. If the keywords are missing, an alert is triggered.
URL The URL of the webpage to monitor. You can omit http:// when entering the URL.
Retry The number of attempts to retrieve the web page.
Keywords The comma-separated list of keywords to search for.
Mark Indicates that the entry is selected.
Remove Removes the selected alert.
Add Adds your new alert. You can see this in the table.
Other services Checks the specified port is open and offering a service.
IP The IP address.
Port The port number.
Protocol The protocol of the service that you want to check for a response. Select "Other" to see if there's any response to connections on the associated port.
Retry The number of times the address is checked and not receive a response before generating an alert.
Mark Indicates that the entry is selected.
Remove Removes the selected alert.
Add Adds your new alert. You can see this in the table.
DNS name resolution Checks that a domain hasn't expired or been taken over.
Name The domain name.
Address The domain address (URL).
Mark Indicates that the entry is selected.
Remove Removes the selected alert.
Add Adds your new alert. You can see this in the table.
Intrusion System Monitor
Priority The appropriate priority level for this alert.
Add Sets up your alert with your selected priority level.
Mail Queue Monitor
Threshold number of messages The number of messages at which the alert is triggered.
Save Sets up your alert with your set threshold.
NTLM Authentication Failures
Monitor for failed NTLM Authentication Turns on the alert that lets you know of NLTM Authentication Failures.
Save Saves your setting.
System Resource Monitor
System load average warning level (per CPU core) The threshold of the average number of processes waiting to use the processors over a five-minute period. A system operating at normal performance should record a load average of between 0.0 and 1.0. While higher values are not uncommon, prolonged periods of high load (for example, averages greater than 3.0) might merit attention.
Disk usage (%) warning level The threshold of the disk space usage percentage threshold before the alert is triggered. Low amounts of free disk space can adversely affect system performance.
System memory (%) warning level The system memory usage percentage threshold before the alert is triggered. The system memory is used aggressively to improve system performance, so higher than expected memory usage might not be a concern. However, prolonged periods of high memory usage might indicate that the system could benefit from additional memory.
Save Saves your setting changes.
System Service Monitoring
Admin UI server The components, modules and services that generate alerts when they start or stop.
Block page server
Connect Filter Proxy
DHCP server
DPI engine
FTP proxy
IDex Client Proxy
IPsec VPN server
Intrusion Prevention System
L2TP VPN server
Logging server
Mobile Proxy server
Network Time Service
RADIUS server
Report scheduler
Routing server
SMTP relay
Secure shell server
Traffic statistics logger
VMware guest supporting server
Web proxy
Antimalware engine
Authentication service
Central monitor
DHCP relay
DNS proxy server
Datastore server
Guardian web server
IDex cluster
Intrusion Detection System
Kerberos/NTLM service
LCD section
Message censor
Monitor alerts
POP3 proxy
Redis
Reverse Proxy
SIP proxy
SSL VPN server
SystemD
UPS monitor
Web content filter
Web server
VPN certificate monitor
Notification of expired certificates Turns off the expired certificate alerts.
Number of days left (Warning) The number of days before the certificate expires that will trigger a warning alert
Number of days left (Critical) The number of days before the certificate expires that will trigger a critical alert.
Save Saves your changed settings.
Web filter URL violations
URLs to monitor

The URL, or part of a URL, to monitor and you must enter these on separate lines.

For example, these:

  • http://www.example.com
  • example.com
  • real

would match: http://www.example.com/we%20are%20not%20real

Warning threshold The number of hits to the URL before the warning alert is triggered.
Caution threshold The number of hits to the URL before the caution alert is triggered.
Save Saves your changed setting.
Web filter violations
Monitor for blocked accesses Turns on the alert for when users access blocked domains.
Warning threshold The number of hits allowed for blocked accesses before the warning alert is triggered.
Caution threshold The number of hits allowed for blocked accesses before the caution alert is triggered.
Exclude adverts Excludes adverts from this alert.
Monitor for blocked accesses Turns on the alert for when IP addresses access blocked domains.
Warning threshold The number of hits allowed for blocked accesses before the warning alert is triggered.
Caution threshold The number of hits allowed for blocked accesses before the caution alerts is triggered.
Exclude adverts Excludes adverts from this alert.
Save Saves your setting changes.

Read more

About alert settings

Things you can do here

Setting up alerts

Something not right? .