Cisco Cisco Content Security Management Appliance M160 Guía Del Usuario
13-29
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 13 Common Administrative Tasks
such as when the severity level is Critical and the alert type is System. You can also configure general
settings (see
settings (see
for a complete list
of alerts.
Alert Classifications
AsyncOS sends the following alert classifications:
–
System
–
Hardware
Severities
Alerts can be sent for the following severities:
–
Critical: issue that requires immediate attention
–
Warning: problem or error requiring further monitoring and potentially immediate attention
–
Info: information generated in the routine functioning of this device
Alert Settings
Alert settings control the general behavior and configuration of alerts, including:
•
The RFC 2822 Header From: when sending alerts (enter an address or use the default
“alert@<hostname>”). You can also set this via the CLI, using the
“alert@<hostname>”). You can also set this via the CLI, using the
alertconfig -> from
command.
•
The initial number of seconds to wait before sending a duplicate alert.
•
The maximum number of seconds to wait before sending a duplicate alert.
•
The status of AutoSupport (enabled or disabled).
•
The sending of AutoSupport’s weekly status reports to alert recipients set to receive system alerts at
the Information level.
the Information level.
Sending Duplicate Alerts
You can specify the initial number of seconds to wait before AsyncOS will send a duplicate alert. If you
set this value to 0, duplicate alert summaries are not sent; instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5-second wait would have alerts sent
at 5 seconds, 15 seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, and so on.
set this value to 0, duplicate alert summaries are not sent; instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5-second wait would have alerts sent
at 5 seconds, 15 seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, and so on.
Eventually, the interval could become large. You can set a cap on the number of seconds to wait between
intervals via the maximum number of seconds to wait before sending a duplicate alert field. For example,
if you set the initial value to 5 seconds, and the maximum value to 60 seconds, alerts would be sent at 5
seconds, 15 seconds, 35 seconds, 60 seconds, 120 seconds, and so on.
intervals via the maximum number of seconds to wait before sending a duplicate alert field. For example,
if you set the initial value to 5 seconds, and the maximum value to 60 seconds, alerts would be sent at 5
seconds, 15 seconds, 35 seconds, 60 seconds, 120 seconds, and so on.
Alert Delivery
Because alert messages can be used to inform you of problems within your Cisco IronPort appliance,
they are not sent using AsyncOS’s normal mail delivery system. Instead, alert messages pass through a
separate and parallel email system designed to operate even in the face of significant system failure in
AsyncOS.
they are not sent using AsyncOS’s normal mail delivery system. Instead, alert messages pass through a
separate and parallel email system designed to operate even in the face of significant system failure in
AsyncOS.