Installation manual
63
corresponding level. Otherwise such notification rules would never find a trigger in the server log. The following log
entries are available:
– ADSI_SYNCHRONIZE – Active Directory group synchronization
– CLEANUP – Server cleanup tasks
– CREATEREPORT – On-demand report generating
– DEINIT – Server shutdown
– INIT – Server startup
– INTERNAL 1 – Internal server message
– INTERNAL 2 – Internal server message
– LICENSE – License administration
– MAINTENANCE – Server maintenance tasks
– NOTIFICATION – Notification management
– PUSHINST – Push install
– RENAME – Internal structure renaming
– REPLICATION – Server replication
– POLICY – Policy management
– POLICYRULES – Policy rules
– SCHEDREPORT – Automatically generated reports
– SERVERMGR – Internal server thread management
– SESSION – Server’s network connections
– SESSION_USERACTION - various user actions
– THREATSENSE – ThreatSense.NET – statistical information submission
– UPDATER – Server update and mirror creation
An example of a helpful parameter is UPDATER, which sends a notification message when the Notification Manager finds
a problem related to update and mirror creation in the server logs.
License Expiration – License will expire in the specified number of days, or it already has expired. Select the option
Warn only if this will cause the number of clients in the license fall below the number or actual clients in the
server database to send a notification if expiration will cause the number of clients in the license to fall below the
number of currently connected clients.
Limit license – If percent of free clients falls under the specified value
The following parameters are available for the New Log Event Triggers:
Log type – Select Event Log, Threat Log, or Firewall Log
Log level – Log entry level in the given log
- Level 1 – Critical Warnings – Critical errors only
- Level 2 – Above + Warnings – The same as 1, plus alert notifications
- Level 3 – Above + Normal – The same as 2, plus informative notifications
- Level 4 – Above + Diagnostic – The same as 3, plus diagnostic notifications
1000 occurrences in 60 minutes – Type the number of occurrences and select the time period to specify the event
frequency that must be reached for the notification to be sent. The default frequency is 1000 occurrences in one hour.
Amount – Number of clients (either absolute or in percent)
Other trigger types do not have any specific parameters.
If the specified parameters for a rule are met, the action defined by the administrator is automatically performed. To
configure actions, click Edit… in the Action section. The action editor offers these options:
Email – The program sends the notification text of the rule to the specified email address; enter a Subject and click To
to open the address book.
SNMP Trap – Generates and sends SNMP notification
Execute (on server) – Enable this option and specify the application to run on the server
Log To File (on server) – Generates log entries in the specified log file. The Verbosity of this log is configurable.
Also Log Message - the message body will also be written to the log.
Log To Syslog - Record notifications to system logs; the Verbosity of notifications can be configured.
Logging – Records notifications to server logs; the Verbosity of notifications can be configured. For this feature to work
correctly, you must enable logging in the ERA Server (Tools > Server Options > Logging).