Policy Settings >> Alert Settings
  1. "Alert Settings" is for setting alert trigger conditions and admin email settings. Trigger events include "Keywords Alert", "Alert on application launching", "Bandwidth" and "others".
  2. "Keywords Alert" will be triggered when certain keywords are found in instant messages, emails, webpage title and web posting content.
  3. "Alert on application launching" will be triggered when certain protocol traffic is detected.
  4. "Bandwidth Alert" will be triggered when a certain time bandwidth exceeds threshold.
  5. "Other Alert" supports disk space alert, new found computer, and ip address changing.

Settings

1. Keywords Alert

Keywords Settings. When a keyword is found in instant messages, emails, webpage title or web posting content. An alert email will be sent to the administrator.

  1. "Enable Keywords Alert": Enable keywords alert or not.
  2. "Alert On": check keywords alert on certain types of contents. Please notice: WFilter does not check files larger than 20M for emails/web posting.
  3. "Keywords List": alert keywords list. Each keyword per line.
  4. Keywords started with "-" will be denial keywords. For example, with "-keyword1", content with "keyword1" will not trigger the alert.

2. Alert on application launching

Enable Alert on Application Launching.

When traffic of certain software is detected, an alert email will be sent to the administrator.

By clicking "Customize alert email format of application launching", you will be able to configure the alert email format.

3. Bandwidth Alert

When bandwidth exceeds the Threshold in a certain period of time, an alert email will be sent.

4. Other Alert

  1. Send alert when free disk space is less than 1GB.
  2. Send alert when a new computer is found.
  3. Send alert when a computer's ip address is changed. This alert is not supported in "By IP Address" mode.

5. Admin EMail

Email Alert - send alerts to administrator emails.

  1. "Enable Email Alert": whether enable email alert or not.
  2. "Admin Email Addresses": Admin email addresses for receiving alert emails. Multiple email addresses are supported(seperated by commas). For example: aa@hotmail.com, bb@hotmail.com.
  3. "SMTP Server": Your Internet service provider (ISP) or the company where you work provides the name of an SMTP server for you to use with your account. Some SMTP servers will require authentication.
  4. "Authentication Settings": Some SMTP server requires authentication to send emails. In this case, you need to set your username and password.
  5. "Send A Test Email": send a test email to test your settings. If your settings are correct, you will receive the test email immediately.

Syslog Server Alert - send alerts to a syslog server.

  1. "Enable Syslog Alert": whether enable syslog alert or not.
  2. "Syslog Sever IP Address": ip address of the syslog server.
  3. "Port": syslog service port.
  4. "Facility Type, Severity Level": Facility and Severity of WFilter alert messages.
  5. "Send A Test Message": send a test syslog message to test your settings. If your settings are correct, you will receive the test message immediately.

6. Alert Target

Who will trigger alert events. One IP range per line, such as 192.168.1.100-192.168.1.162. To alert on only one computer, please use configuration likes "192.168.1.100-192.168.1.100".

Notice


  1. For "Keywords Alert" on "Chat Logs", supported protocols include: MSN, yahoo, icq, fetion and plain jabber.
  2. "Keywords Alert" will not be triggered if certain content is not recorded in the applied "Recording Levels".

Index

Edit Alert Email Format