Alert settings Page
Use this page to configure additional alerts or change the default settings of predefined alerts.
Navigation: Reports > Alerts > Alert settings.
Alerts | |
---|---|
Enabled | Turns on alerts. |
Bandwidth Monitor | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Direction | Indicates if the alert is monitoring the bandwidth of Incoming or Outgoing traffic. | ||||||||||
Traffic For |
What traffic type that you want to monitor bandwidth for:
|
||||||||||
Time period | The time period to monitor bandwidth for. | ||||||||||
Exceeding bandwidth |
The bandwidth at which the Smoothwall Filter and Firewall sends an alert.
Note: The Smoothwall Filter and Firewall calculates the bandwidth used to two decimal places. |
||||||||||
Mark | Indicates that this | ||||||||||
Remove | Removes the selected alert. | ||||||||||
Add | Adds your new alert to the table. |
Email Virus Monitor | |
---|---|
Monitor POP3 proxy for viruses | Turns on alerting if malware is detected when loading via POP3. |
Monitor SMTP relay for viruses | Turns on alerting if malware is detected when relaying via SMTP. |
Save | Turns on your alerts. |
Firewall notification | |
---|---|
Monitor source (remote) IP addresses | Detects suspicious inbound communication from remote IP addresses. Alerts are generated if a rapid series of inbound requests from the same remote IP address is detected. |
Monitor source (remote) ports | Detects suspicious inbound communication from remote ports. Alerts are generated if a rapid series of inbound requests from the same remote port is detected. |
Monitor destination (local) IP addresses | Detects suspicious inbound communication to local IP addresses. Alerts are generated if a rapid series of inbound requests to the same local IP address is detected. |
Monitor destination (local) ports | Detects suspicious inbound communication to local ports. Alerts are generated if a rapid series of inbound requests to the same local port is detected. |
Warning threshold | The number of hits from the source IP addresses before the warning alert is triggered. |
Incident threshold | The number of hits from the source IP addresses before the incident alert is triggered. |
Ignore | A comma-separated list of source IP addresses that should be ignored for this alert. |
Save | Saves your changed settings. |
Global Proxy | |
---|---|
Monitor for incorrect certificates | Indicates that Smoothwall alerts you when a device fails to present the correct certificate. This is either due to the device having the wrong certificate, or due to unauthorized access. |
Monitor for DoS attempts | Turn off alerting when a device, with a valid certificate, repeatedly attempts a connection. Repeated connections from a device are assumed to be a Denial of Service (DoS) attempt. |
Health Monitor | |
---|---|
Web servers (HTTP) | Retrieves the specified webpage and looks for specific keywords. If the keywords are missing, an alert is triggered. |
URL | The URL of the webpage to monitor. You can omit http:// when entering the URL. |
Retry | The number of attempts to retrieve the web page. |
Keywords | The comma-separated list of keywords to search for. |
Mark | Indicates that the entry is selected. |
Remove | Removes the selected alert. |
Add | Adds your new alert. You can see this in the table. |
Other services | Checks the specified port is open and offering a service. |
IP | The IP address. |
Port | The port number. |
Protocol | The protocol of the service that you want to check for a response. Select "Other" to see if there's any response to connections on the associated port. |
Retry | The number of times the address is checked and not receive a response before generating an alert. |
Mark | Indicates that the entry is selected. |
Remove | Removes the selected alert. |
Add | Adds your new alert. You can see this in the table. |
DNS name resolution | Checks that a domain hasn't expired or been taken over. |
Name | The domain name. |
Address | The domain address (URL). |
Mark | Indicates that the entry is selected. |
Remove | Removes the selected alert. |
Add | Adds your new alert. You can see this in the table. |
Intrusion System Monitor | |
---|---|
Priority | The appropriate priority level for this alert. |
Add | Sets up your alert with your selected priority level. |
Mail Queue Monitor | |
---|---|
Threshold number of messages | The number of messages at which the alert is triggered. |
Save | Sets up your alert with your set threshold. |
NTLM Authentication Failures | |
---|---|
Monitor for failed NTLM Authentication | Turns on the alert that lets you know of NLTM Authentication Failures. |
Save | Saves your setting. |
System Resource Monitor | |
---|---|
System load average warning level (per CPU core) | The threshold of the average number of processes waiting to use the processors over a five-minute period. A system operating at normal performance should record a load average of between 0.0 and 1.0. While higher values are not uncommon, prolonged periods of high load (for example, averages greater than 3.0) might merit attention. |
Disk usage (%) warning level | The threshold of the disk space usage percentage threshold before the alert is triggered. Low amounts of free disk space can adversely affect system performance. |
System memory (%) warning level | The system memory usage percentage threshold before the alert is triggered. The system memory is used aggressively to improve system performance, so higher than expected memory usage might not be a concern. However, prolonged periods of high memory usage might indicate that the system could benefit from additional memory. |
Save | Saves your setting changes. |
System Service Monitoring | |
---|---|
Admin UI server | The components, modules and services that generate alerts when they start or stop. |
Block page server | |
Connect Filter Proxy | |
DHCP server | |
DPI engine | |
FTP proxy | |
IDex Client Proxy | |
IPsec VPN server | |
Intrusion Prevention System | |
L2TP VPN server | |
Logging server | |
Mobile Proxy server | |
Network Time Service | |
RADIUS server | |
Report scheduler | |
Routing server | |
SMTP relay | |
Secure shell server | |
Traffic statistics logger | |
VMware guest supporting server | |
Web proxy | |
Antimalware engine | |
Authentication service | |
Central monitor | |
DHCP relay | |
DNS proxy server | |
Datastore server | |
Guardian web server | |
IDex cluster | |
Intrusion Detection System | |
Kerberos/NTLM service | |
LCD section | |
Message censor | |
Monitor alerts | |
POP3 proxy | |
Redis | |
Reverse Proxy | |
SIP proxy | |
SSL VPN server | |
SystemD | |
UPS monitor | |
Web content filter | |
Web server |
VPN certificate monitor | |
---|---|
Notification of expired certificates | Turns off the expired certificate alerts. |
Number of days left (Warning) | The number of days before the certificate expires that will trigger a warning alert |
Number of days left (Critical) | The number of days before the certificate expires that will trigger a critical alert. |
Save | Saves your changed settings. |
Web filter URL violations | |
---|---|
URLs to monitor |
The URL, or part of a URL, to monitor and you must enter these on separate lines. For example, these:
would match: http://www.example.com/we%20are%20not%20real |
Warning threshold | The number of hits to the URL before the warning alert is triggered. |
Caution threshold | The number of hits to the URL before the caution alert is triggered. |
Save | Saves your changed setting. |
Web filter violations | |
---|---|
Monitor for blocked accesses | Turns on the alert for when users access blocked domains. |
Warning threshold | The number of hits allowed for blocked accesses before the warning alert is triggered. |
Caution threshold | The number of hits allowed for blocked accesses before the caution alert is triggered. |
Exclude adverts | Excludes adverts from this alert. |
Monitor for blocked accesses | Turns on the alert for when IP addresses access blocked domains. |
Warning threshold | The number of hits allowed for blocked accesses before the warning alert is triggered. |
Caution threshold | The number of hits allowed for blocked accesses before the caution alerts is triggered. |
Exclude adverts | Excludes adverts from this alert. |
Save | Saves your setting changes. |