Tags
manually deploy Comodo EDR agent parent process multiple ticket selection selected tickets security events folder transfer discoveries network management remote folder TLS TLS1.2 pci dss pci compliance ITarian Portal Endpoint Manager vdi environment vdi clone environment instant clone documentation vendor notice security dashboard events resolution remote tool partner onboard itarian unknown file hunter TLS Encryption procedure parameters pass profiles history performance metrics real time remote endpoints download browse Subscriptions service URL Security Components system Global Software Inventory 2 minutes Integrate intagrate Active Directory Portable Interception SSL enable reporting Rule Threat Protection Rule Advance spam Customize archived outgoing incoming administrator validate domains add Antispam type PCI data loss Location Network information start software session extensions appoinments resource connection computers Comodo Rescue Disk infected opportunity opportunities custom relationship management quote COMODO-CRM protect mac device email notifications registry COM Quarantined point system restore msi contained applications processes security client events Release date department registration particular os section Two Factor Authentication Login interface dashboard report generate Direct Download Link One drive Google drive HIPS mode cleanup automatic suspicious suspicious certificates shellcode injection detect Elevated Access system user access default charging groups move current malware list store push IP address ip installer acronis auto-remediation server machine icon Product Logos Rebrand backup Device Control data Chromoting WebRTC ports Protocol skip offline manual time entries ticket assignee Help Guide Tour schedule Reschedule appointment unknown application protection virtual desktop Local Verdict server manage calculation cost configuration charging SD contract prepaid hours products classification inventory analyze Device list OS patches global search bar Tool bar Windows Defender Security Center file group white Citrix record SPF work billable time onsite email template template variables emails Gmail SMTP disable Add collaborators admin action Audit logs feature requests submit vote remotely Reset proxy swg secure web gateway dome error disk ticket detail page thread section tickets section internal notes Sub-help topic help topic features Application control white_list Patch Management child parent scheduled customized get to headers columns company restrict customer technician remote access list iOS devices field Reports iOS device APN Certificate MAC OS X options Linux block Comodo Client Communication (CCC) allow Comodo Client Security (CCS) network zones active component tray icon hide show packages additional install block port baseline installation package bulk implement restrict firewall endpoints security and communication global export virus import Database folders files define exclusions change staff admin rating check reassign assign permissions new role create for user of device enroll associated use how profile specific Removing Devices Uninstall windows profile Configuration templates latest version clients comodo file ratings monitoring script procedure custom All Devices Ratings Track widgets Agent valkyrie malware files Kill chain report automated establishing endpoint remote session Users prevent Android organization windows assets Mac OS billing identified threats Sort Closed inside Program executed containment service desk remote control Locally runs update scan antivirus SLA Business Hours control CCS Password access Client Auto Specific Device Response Application Third party Status View Logs intended devices alert fails Company Information Configure Verdict Patch Procedures Executable Comodo Internet Security ITSM Analysis Command Line Heuristic Filter Unrecognized Trusted File Rate Malicious Purge Calendar Device Exclusion USB Admin Panel Settings ticket Default system-wide Specific Path Details Monitor Multi Set Currency Connected Who Quick Actions Comparison Version Enterprise Managed Service Provider C1 Portal Remote management Comodo Remote Control ticket management staff panel assign tickets
More

How to configure alerts

Release Time
04/11/2018
Views
1126 times
Category
ITarian Portal
Tags

Introduction:

In ITarain, the alert can be configured based upon what kind of alert you want to receive and how you want to receive upon events such as procedures not running on devices or any breach of monitoring feature setting in profiles.

Step 1: To create a new alert select Application ENDPOINT MANAGERCONFIGURATION TEMPLATESAlertsCreate Alert in ITarian portal.

Step 2: In Create Alert provide the Alert name and Description for your alert and click the Create button to create a new alert. For example: Alert name: "New Alert"

Step 3: The alert created consists of the following variables:

i) General

ii) Alert Settings

iii) Additional Recipients

i) General- This General section allows you to modify basic settings.

ii) Alert Settings - The settings for the alert can be edited in alert settings by clicking the Edit button.

  1. Don’t create additional alerts (about the same issue) Enable this option and set time period until which additional alerts will not be created on the same issue. Technician can choose one of the following time periods from drop down options,I)5 Minutes ii) 10 Minutes iii) 30 minutes iv) 1 hour v) 2 Hours vi) 3 Hours vii) 12 Hours vii) 1 Day ix) 2 Days x) 5 Days.
  2. Create notifications on the portal – enable this if you would like to create notification on your portal.
  3. Create alert tickets on the service desk  – enable this if you would automatically create ticket through service desk.
    1. Append to an original ticket if there is an open ticket for performance monitoring conditions – enable this to get update on the same ticket if already created for the same condition.
    2. Automatically close the ticket if the metrics go below the threshold – enable to automatically get close the ticket where the given threshold met.
    3. Open the tickets under – choose any of one department for auto-assignment.
      1. Maintenance Department
      2. Sales Department
      3. Support Department
  4. Open the tickets with priority – choose any of one priority to create tickets under the specified one.
    1. Low
    2. Normal
    3. High
    4. Critical
       

5. Device data- It Includes additional device data (brand, model, serial number, logged on user, domain/workgroup, MAC address, local IP address, gateway IP address, DNS server address) which to send with the ticket.

Finally click Save button to save the changes for the Alert Settings.

iii) Additional Recipients -To configure Additional Recipients settings, click Additional Recipients tab and then click the Edit button to specify the following options.

  1. Send e-mails if Monitoring or Procedure register alerts more than the selected number of consecutive times – Enable it if you want to use auto-communication through email.
    1. Send to the portal administrators – Enable to send auto-generated emails to portal administrator.
    2. Send to the following e-mail addresses – You can also send to specified email ids you want.
      1.  Add Emails… – Enter your email ids here
  2. Send to the following portal users – Select your portal user you want to transfer the status.
    1. Type username to search among users… – Type username and select the specific user.

Click Save button to apply your changes. 

Step 4: To apply configured alert for monitoring. Go to Configuration Templates --> Profiles --> Click the profile you want or if you are new user to Monitoring please add the Monitoring section in profile.

Step 5: Click Monitoring tab and select monitoring name where conditions to trigger alert is configured. Then click Edit button to change general settings.

Step 6: Click User Alert settings and select the alert that you have configured. Then click Save button to apply your changes.

Step 7: You can run appropriate procedure immediately when the alert is ON. To apply configure alert for procedure please follow below steps:

  1. Go to Configuration Templates --> Profiles --> Click the profile you want or if you are new user to Monitoring please add Monitoring section in profile.
  2. Click Monitoring tab and select Monitoring Name where conditions to trigger alert is configured. Then click Edit button to change general settings.
  3. Under Auto Remediation on alert settings , Click Run below procedure option and select fix procedure to be run upon alert.

Then click Save button to aplly your changes.