Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160
14-32
AsyncOS 8.1 for Cisco Content Security Management User Guide
Chapter 14 Common Administrative Tasks
•
The RFC 2822 Header From: when sending alerts (enter an address or use the default
“alert@<hostname>”). You can also set this via the CLI, using the
“alert@<hostname>”). You can also set this via the CLI, using the
alertconfig -> from
command.
•
The initial number of seconds to wait before sending a duplicate alert.
•
The maximum number of seconds to wait before sending a duplicate alert.
•
The status of AutoSupport (enabled or disabled).
•
The sending of AutoSupport’s weekly status reports to alert recipients set to receive system alerts at
the Information level.
the Information level.
Sending Duplicate Alerts
You can specify the initial number of seconds to wait before AsyncOS will send a duplicate alert. If you
set this value to 0, duplicate alert summaries are not sent; instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5-second wait would have alerts sent
at 5 seconds, 15 seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, and so on.
set this value to 0, duplicate alert summaries are not sent; instead, all duplicate alerts are sent without
any delay (this can lead to a large amount of email over a short amount of time). The number of seconds
to wait between sending duplicate alerts (alert interval) is increased after each alert is sent. The increase
is the number of seconds to wait plus twice the last interval. So a 5-second wait would have alerts sent
at 5 seconds, 15 seconds, 35 seconds, 75 seconds, 155 seconds, 315 seconds, and so on.
Eventually, the interval could become large. You can set a cap on the number of seconds to wait between
intervals via the maximum number of seconds to wait before sending a duplicate alert field. For example,
if you set the initial value to 5 seconds, and the maximum value to 60 seconds, alerts would be sent at 5
seconds, 15 seconds, 35 seconds, 60 seconds, 120 seconds, and so on.
intervals via the maximum number of seconds to wait before sending a duplicate alert field. For example,
if you set the initial value to 5 seconds, and the maximum value to 60 seconds, alerts would be sent at 5
seconds, 15 seconds, 35 seconds, 60 seconds, 120 seconds, and so on.
Alert Delivery
Because alert messages can be used to inform you of problems within your Cisco Content Security
appliance, they are not sent using AsyncOS’s normal mail delivery system. Instead, alert messages pass
through a separate and parallel email system designed to operate even in the face of significant system
failure in AsyncOS.
appliance, they are not sent using AsyncOS’s normal mail delivery system. Instead, alert messages pass
through a separate and parallel email system designed to operate even in the face of significant system
failure in AsyncOS.
The alert mail system does not share the same configuration as AsyncOS, which means that alert
messages may behave slightly differently from other mail delivery:
messages may behave slightly differently from other mail delivery:
•
Alert messages are delivered using standard DNS MX and A record lookups.
–
They do not use SMTP routes in AsyncOS versions older then 5.X.
–
They do cache the DNS entries for 30 minutes and the cache is refreshed every 30 minutes, so
in case of DNS failure the alerts still go out.
in case of DNS failure the alerts still go out.
•
Alert messages do not pass through the work queue, so they are not scanned for viruses or spam.
They are also not subjected to message filters or content filters.
They are also not subjected to message filters or content filters.
•
Alert messages do not pass through the delivery queue, so they will not be affected by bounce
profiles or destination control limits.
profiles or destination control limits.