About alerts

Note: To use this functionality, you need a Smoothwall Filter license for the Guardian module.

You can determine the alerts sent to what groups of users and in what format. Turn on the alert system and customize alerts with configurable thresholds and trigger criteria.

Available alerts

Alert Description
Administration Login Failures Monitors both the Secure Shell (SSH) and Web Interface services for failed login attempts. Monitored constantly.
Bandwidth Monitor Monitors your bandwidth usage and alerts you when the traffic flow for the external interface or bridge exceeds a specific threshold. Each alert that you configure can only monitor traffic in a single direction. However, you can configure multiple Bandwidth Monitor alerts to monitor all traffic. The Bandwidth Monitor alert is not turned on upon installation.
Connection Monitor This alert is triggered when an interface has failed. An additional alert is sent when an interface becomes available again. Monitored constantly.
Email Virus Monitor

These alerts are triggered by detection of malware being relayed via SMTP or downloaded via POP3. Monitored constantly.

Firewall Notifications Monitors Smoothwall Firewall activity and generates warnings based on suspicious activities to or from certain IP addresses involving certain ports. Monitored constantly. This is predefined upon installation.
Global Proxy

Monitors your global proxy's activity and generates warnings about client misconfiguration or potential abuse. Alerts are triggered when client misconfiguration, or potential abuse is detected. Monitored constantly. This is predefined upon installation.

Note: To view this alert, you need a Unified Threat Management license.

Hardware Failover Notification

Generates messages when a hardware failover occurs, or when failover devices are forced on and offline. Monitored constantly.

Note: To view this alert, you need a Unified Threat Management license.

Hardware failure alerts, hard disk failure Generates messages when hardware problems are detected. Monitored constantly.
Health Monitor Monitors remote services for activity. Health monitor alerts are intended help you to keep an eye on various aspects of your network usually outside of the Smoothwall Filter and Firewall. Monitored constantly. This is not turned on upon installation.
Intrusion System Monitor

These alerts are triggered by violations and notices generated by the intrusion system by suspicious network activity. Monitored constantly. Generates alerts for violations and notices generated by both the Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). This is predefined upon installation.

Note: To view this alert, you need a Unified Threat Management license.

L2TP VPN Tunnel Status

L2TP Tunnel status notifications occur when an L2TP (Layer 2 Tunneling Protocol) Tunnel is either connected or disconnected. Monitored once every five minutes.

Note: To view this alert, you need a Unified Threat Management license.

License expiry status warnings Generates messages when the license is due for renewal or has expired. Monitored once an hour. Monitored once an hour.
Mail Queue Monitor Monitors the mail queue for when the number of messages therein exceeds a certain threshold. This is turned off upon installation. It's triggered when the number of messages in the email queue exceeds the specified threshold.
NTLM Authentication Failures This alert is generated when a client is unable to provide correct credentials for NTLM authentication. Monitored constantly. This is not turned on upon installation.
Output System Test Messages Catches test alerts generated for the purposes of testing the Smoothwall Filter and Firewall Output systems. Monitored constantly.
Reverse proxy violations

Monitors reverse proxy activity and generates warnings about connectivity issues. Monitored constantly.

Note: To view this alert, you need a Unified Threat Management license.

System Boot (Restart) Notification This alert is generated whenever the system is started; that is, is turned on or restarted. Monitored once every five minutes.
System Resource Monitor These alerts are triggered whenever the system resources exceed predefined limitations. Monitored once every five minutes. Generates an alert whenever the system resources exceed your predefined limitations. This is predefined upon installation. A system operating at normal performance should record a load average of between 0.0 and 1.0. While higher values aren't uncommon, prolonged periods of high load, for example, averages greater than 3.0 might merit your attention. You can set the disk usage threshold percentage. However, be aware that low amounts of free disk space can adversely affect system performance. The Smoothwall Filter and Firewall uses system memory aggressively to improve system performance, so higher than expected memory usage might not be a concern. However, prolonged periods of high memory usage might indicate that the system could benefit from additional memory.
System Service Monitoring This alert is triggered whenever a critical system service changes status, that is, starts or stops. Monitored once every five minutes. Generates an alert whenever a critical system service changes status, for example, starts or stops. This is predefined upon installation.
Update Monitoring Monitors the system for new updates once an hour.
UPS, Power Supply status warnings Generates messages when server power switches to and from mains supply. Monitored constantly.
VPN Certificate Monitor

Validates the VPN certificates and issues warnings about potential problems, or impending expiration dates. Monitored once an hour. This is predefined upon installation.

Note: To view this alert, you need a Unified Threat Management license.

VPN Tunnel Status

VPN Tunnel status notifications occur when an IPSEC Tunnel is either connected or disconnected. Monitored once every five minutes.

Note: To view this alert, you need a Unified Threat Management license.

Web filter upstream proxy status

This alert is triggered when connectivity to an upstream proxy fails or returns. Monitored once every five minutes.

Note: To view this alert, you need a Smoothwall Filter license for the Guardian module.

Web filter URL violations

Monitors URL activity. Monitored once every five minutes. Monitors access to a list of specific URLs. This also has a caution and a warning level that can be set.

Note: To view this alert, you need a Smoothwall Filter license for the Guardian module.

Web filter violations

Monitors web filter activity and generates warnings about suspicious or blocked web accesses. Monitored constantly. This is predefined, but turned off, upon installation.

Note: To view this alert, you need a Smoothwall Filter license for the Guardian module.

Read more

About alerts

About alert settings

Something not right? .