Cisco Cisco Web Security Appliance S170 사용자 가이드
26-17
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 26 System Administration
Managing Alerts
control over which alerts are sent to which alert recipients. For example, you can configure the system
to send only specific alerts to an alert recipient, configuring an alert recipient to receive notifications
only when Critical (severity) information about the System (alert type) is sent. You can also configure
general settings (see
to send only specific alerts to an alert recipient, configuring an alert recipient to receive notifications
only when Critical (severity) information about the System (alert type) is sent. You can also configure
general settings (see
Alert Classifications
AsyncOS sends the following alert classifications:
Severities
Alerts can be sent for the following severities:
•
Critical: Requires immediate attention.
•
Warning: Problem or error requiring further monitoring and potentially immediate attention.
•
Information: Information generated in the routine functioning of this device.
Alert Settings
Alert settings control the general behavior and configuration of alerts, including:
•
The RFC 2822 Header From: when sending alerts (enter an address or use the default
“alert@<hostname>”). You can also set this via the CLI, using the
“alert@<hostname>”). You can also set this via the CLI, using the
alertconfig > from
command.
•
The initial number of seconds to wait before sending a duplicate alert.
•
The maximum number of seconds to wait before sending a duplicate alert.
•
The status of AutoSupport (enabled or disabled).
•
The sending of AutoSupport’s weekly status reports to alert recipients set to receive System alerts
at the Information level.
at the Information level.
Sending Duplicate Alerts
You can specify the initial number of seconds to wait before AsyncOS will send a duplicate alert. If you
set this value to 0, duplicate alert summaries are not sent and instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5 second wait would have alerts sent
at 5 seconds, 15, seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, etc.
set this value to 0, duplicate alert summaries are not sent and instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5 second wait would have alerts sent
at 5 seconds, 15, seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, etc.
Table 26-4
Alert Classifications and Components
Alert Classification
Alert Component
System
System
Hardware
Hardware
Updater
Updater
Web Proxy
Proxy
DVS™ and Anti-Malware
DVS
L4 Traffic Monitor
TrafMon