WiSentry Alerts can be configured for notification via popup console message or email message. WiSentry Alerts consist of two elements: the Alert Event trigger, which is based on the probability, and the Alert Action, which will be a console message, email message, SNMP trap, or syslog message based on the configured Alert Event.
In the example below, three Alert Actions have been configured:
- At 100% Probability with both email and popup Alert Events
- At 60% Probability with a popup Alert Event
- At 50% Probability with no configured Alert Events
In the example above, an alert will only be generated for the 100% and 60% Alert Events.
Note that alerts must have unique names since an alert is issued only once for a named event.
To configure a new Alert Event, highlight the Configured Alert Events branch then select New Access Point Alert from the Actions Menu, or right-click on the Configured Alert Events branch and select New Access Point Alert.
The recommended configuration for Alert Events is 60% or greater. This will minimize the alerts from low threat devices while sending alerts for medium to high threat devices.
To configure a new Alert Action, highlight the Alert Event then select your action type from the Actions menu, or highlight the Alert Event then right-click and select your action type from the context menu.
Popup Alert Actions
This Alert Action will display an alert on the WiSentry Administrator machine when the alert is triggered.
Popup alerts are only sent when WiSentry Administrator is running.
Email Alert Actions
This Alert Action will send an email when the alert is triggered.
Email alerts are sent even if the WiSentry Administrator is not running.
A tip for email alerts is that the machine name can be used in the FROM: field to make it easier to determine the source of the alert, i.e. <machine>@wisentry.com.
SNMP Trap Alert Actions
An SNMP Trap Alert Action will send an SNMP trap event when the alert is triggered. WiSentry's SNMP MIB (Management Information Base) is 1.3.6.1.4.1.23073.1 (or enterprises.23073.1). The format of the trap is a text string containing a string description of the device discovered with the following layout:
MAC IP-Address Name Model Date/Time-Discovered Probability
Enter the IP address of the SNMP server and a community name to use.
Syslog Alert Actions
A Syslog Alert Action will send a message to a syslog server when the alert is triggered. The format of the message is a text string containing a description of the device discovered with the following layout:
Name Model MAC IP-Address Date/Time-Discovered Probability
Enter the IP address of the syslog server.
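On the receiving side, the syslog layout above can be split into fields and filtered at the recommended 60% threshold. The following Python is an added example, not WiSentry code: the page gives only the field order, so the field encodings (whitespace separators, MAC and IPv4 syntax, a trailing integer probability), the function names and the sample messages are assumptions.

```python
import re

# Assumptions (the page gives only the field order): fields are separated by
# whitespace, MAC is six hex pairs joined by ':' or '-', the address is IPv4,
# and Probability is a trailing integer with an optional '%'.
MAC_IP = re.compile(
    r"\b(?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?!\S)"
)
PROB = re.compile(r"(?<!\S)(?P<prob>\d{1,3})%?\s*$")

def parse_syslog_alert(body):
    """Parse 'Name Model MAC IP-Address Date/Time-Discovered Probability'."""
    m, p = MAC_IP.search(body), PROB.search(body)
    if not m or not p or p.start() < m.end():
        return None
    prob = int(p.group("prob"))
    if prob > 100:
        return None
    return {
        # Name and Model may each contain spaces, so they are kept together.
        "name_model": body[:m.start()].strip(),
        "mac": m.group("mac").upper().replace("-", ":"),
        "ip": m.group("ip"),
        "discovered": body[m.end():p.start()].strip(),
        "probability": prob,
    }

def triage(bodies, threshold=60):
    """Return (alerts at or above threshold, bodies that failed to parse)."""
    alerts, rejected = [], []
    for body in bodies:
        fields = parse_syslog_alert(body)
        if fields is None:
            rejected.append(body)  # keep unparsed input visible, never drop it
        elif fields["probability"] >= threshold:
            alerts.append(fields)
    return sorted(alerts, key=lambda f: -f["probability"]), rejected

# Constructed sample message bodies (not real WiSentry output).
SAMPLE = [
    "Lobby AP Linksys WRT54G 00:00:5E:00:53:01 192.0.2.10 2005-03-01 09:15:00 100",
    "unknown Generic-Router 00-00-5E-00-53-02 192.0.2.77 2005-03-01 09:20:41 60%",
    "printer HP JetDirect 00:00:5E:00:53:03 192.0.2.30 2005-03-01 09:22:03 50",
    "malformed line without the expected fields",
]
```

Pass only the message body to `parse_syslog_alert`; any syslog header the collector prepends would otherwise end up in `name_model`.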
Editing and Deleting Alert Actions
After an alert action has been created, you may edit or delete the alert by highlighting the Alert Action then selecting Actions from the menu bar, or by highlighting the Alert Action and right-clicking to show the context menu.
Alert Detail
Detailed information on the device may be displayed by selecting the device on the pop-up alert screen.
Showing Active Alerts
Active alerts can be displayed at any time by selecting the View Menu. Select Active Alerts and the current alerts will be displayed.
Alert pop-ups may also be turned off on this screen by selecting the Pop-Up Active Alerts checkbox. Alert sounds (if selected) will continue even if pop-ups have been disabled.