Email Events Notification Setup
If you want to be notified by email as soon as an incident or an event occurs, follow this guide:
1- Configure your SMTP settings:
Administration > System Settings > Notification Settings > SMTP Settings
Or click on this link https://<IP_ADDRESS>/settings/notification/smtp
Click the “Edit” button and fill in the required parameters:
From Address: This is the email address Cymetricx will use to send an email.
To Address: This email address is not used to send the various events. It is for testing purposes only (when you click the “Test Connection” box).
Hostname/IP Address: The hostname or IP address of the SMTP server, for example: smtp.office365.com, or an open relay server IP/hostname in your environment.
Port: The port of the SMTP server.
Connection Security: Whether the SMTP server uses SSL, TLS, or none.
Authentication: The authentication methods used, if any.
Username/Password: If your SMTP server requires authentication, enter the username/password.
When you’re done, click the “Test Connection” box to make sure your configuration is correct. If the configuration you entered is correct, you will receive a test email at the “To Address”.
If you received the test email, click the “Update” box.
2- Configure the group of users you want to send the incident/event email to:
Administration > System Settings > Notification Settings > General Settings
Or click on this link https://<IP_ADDRESS>/settings/notification/general-settings
Click the + button to create a new group.
Name Of the Group: This is used to group the users to send certain events to. For example, if the event is “Disk Utilization Threshold Exceeded – Windows”, you’d create a group called “acme-infa-group” which has the infrastructure team’s email addresses. But if the event is “Dark Data”, this event includes leaked usernames and passwords, so you’d want to limit the notification to certain users, i.e. the security team in your organization.
New Group of Recipients Emails: The email addresses of the group.
3- Notification Preference Configuration
Administration > System Settings > Notification Settings > Notification Preference
Or click on this link https://<IP_ADDRESS>/settings/notification/preference
On this page we configure the different events and incidents. One of the things you’ll notice is the “Threshold” column. Some events require you to set a threshold, and an email is sent when that threshold is reached. Examples of such events:
Disk Utilization Threshold Exceeded: If you receive an email for this event, then an endpoint’s C:\ drive has reached the threshold you set, 80% for example.
Reminder before certificate expires: If you receive an email for this event, then the HTTPS certificate for your website(s) is about to expire. The threshold in this event indicates the number of days to alert you as a reminder to renew the certificate before it expires.
Then, if the event requires it, it will have an “Add Threshold” option; use it to set the threshold.
Repeat the steps above for each event.
4- Events Advanced Configuration
Administration > System Settings > Notification Settings > General Settings
Or click on this link https://<IP_ADDRESS>/settings/notification/general-settings
There are some events that you may want to customize further for your environment, such as:
Disk Utilization Threshold Exceeded – Windows
Disk Utilization Threshold Exceeded – Linux
For example, you may want to exclude certain partitions in Windows, e.g. D:\, or Linux partitions, e.g. /snap/*. To do so, uncheck D:\ under Windows Partitions and /snap/* under Linux Partitions. The figure below illustrates the example.
Enable changing in reset time! : This is the time the Cymetricx server waits before sending the same event again.
For example, suppose you received an email “Disk Utilization on fl5-HQ-PC has Reached 90% utilization” and didn’t do anything about this alert. The notification service will wait the amount of time you configured in Enable changing in reset time! (72 hours by default), so in 3 days you’ll receive the same email if you didn’t resolve the issue.
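The following added example (not Cymetricx code) models how the threshold, the excluded partitions and the reset time described above combine to decide which emails go out. The function names, the second host and the readings are constructed, and the suppression rule is an assumption based on the description in this guide.

```python
from datetime import datetime, timedelta
from fnmatch import fnmatchcase

# All names and sample values below are constructed for illustration.
THRESHOLD_PCT = 80                  # "Threshold" set in Notification Preference
EXCLUDED = ["D:\\", "/snap/*"]      # partitions unchecked in General Settings
RESET_TIME = timedelta(hours=72)    # reset time (72 hours by default)


def is_excluded(partition, patterns=EXCLUDED):
    """True if the partition matches an excluded entry (wildcards allowed)."""
    return any(fnmatchcase(partition, p) for p in patterns)


def emails_sent(samples, threshold=THRESHOLD_PCT, reset=RESET_TIME):
    """Return the (time, host, partition, pct) readings that trigger an email.

    Assumption: an email goes out when utilization is at or above the
    threshold and no email for the same host/partition was sent within
    the reset time.
    """
    last_sent = {}
    sent = []
    for when, host, partition, pct in sorted(samples):
        if is_excluded(partition) or pct < threshold:
            continue
        key = (host, partition)
        if key in last_sent and when - last_sent[key] < reset:
            continue  # same event, still inside the reset window
        last_sent[key] = when
        sent.append((when, host, partition, pct))
    return sent


T0 = datetime(2024, 1, 1, 9, 0)
SAMPLES = [  # constructed readings
    (T0, "fl5-HQ-PC", "C:\\", 90),
    (T0, "fl5-HQ-PC", "D:\\", 95),                        # excluded partition
    (T0 + timedelta(hours=24), "fl5-HQ-PC", "C:\\", 91),  # suppressed
    (T0 + timedelta(hours=72), "fl5-HQ-PC", "C:\\", 92),  # reminder after reset
    (T0, "web01", "/snap/core/1", 100),                   # excluded partition
    (T0, "web01", "/", 75),                               # below threshold
]

if __name__ == "__main__":
    for when, host, partition, pct in emails_sent(SAMPLES):
        print(f"{when:%Y-%m-%d %H:%M} {host} {partition} {pct}%")
```

Only the first C:\ reading and the one 72 hours later produce an email; a shorter reset time means more repeat emails for an unresolved issue.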