Alerts Overview

Alerts and notifications inform administrators about significant events within the system. Notifications can also be sent through e-mail. You are notified when a predefined network traffic condition is met. An alert is triggered when the number of network traffic events crosses a predefined threshold within a period of time.

Alerts and notifications provide options for:

  • Defining alert criteria based on a set of predefined filters. You can use the filters defined in the Filter Management window on the Event Viewer page to generate alerts.

  • Generating an alert message and notifying you when alert criteria are met.

  • Searching for specific alerts on the Generated Alerts page based on alert ID, description, alert definition, alert type, or recipient e-mail address.

  • Supporting event-based alerts.

For example, an administrator can define a condition such that if the number of firewall-deny events crosses a predefined threshold in a given time range for a specific device, administrators will receive an e-mail alert.

Note:

If the number of logs matching the alert criteria crosses the defined threshold and remains so for the period set in the alert definition, Juniper Security Director Cloud does not generate new alerts but only updates the time of the last occurrence. It generates new alerts again only when both these conditions are met:

  • The number of logs matching the alert criteria drops below the threshold and crosses the threshold again.

  • The number of logs crosses the defined threshold again after the time period set in the alert definition elapses. Juniper Security Director Cloud measures this time period from the first time the threshold is crossed in the configured time range.
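The re-alerting rule in this note can be modeled as a small state machine. This is an added example, not Juniper code. The function name, the sample counts, the reading of "crosses" as strictly greater than the threshold, and refreshing the last-occurrence time on a re-crossing inside the period are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Alert:
    first_crossed: int    # time (s) the alert was generated
    last_occurrence: int  # refreshed while new alerts are suppressed

def evaluate(samples, threshold, period):
    """Model the re-alerting rule over (time_s, matching_log_count) samples.

    Assumptions: "crosses" means count > threshold, and a count at or
    below the threshold counts as having dropped below it.
    """
    alerts = []
    dipped = True  # nothing raised yet, so the first crossing qualifies
    for t, count in samples:
        if count <= threshold:
            dipped = True  # condition 1, first half: dropped below
            continue
        current = alerts[-1] if alerts else None
        # Condition 2: the period is measured from the first crossing.
        period_over = current is None or t - current.first_crossed >= period
        if dipped and period_over:
            alerts.append(Alert(t, t))      # both conditions met: new alert
        else:
            current.last_occurrence = t     # suppressed: timestamp only
        dipped = False
    return alerts

# Constructed samples: one reading per minute, threshold 100, period 300 s.
THRESHOLD, PERIOD = 100, 300
SAMPLES = [(0, 50), (60, 120), (120, 130), (180, 80), (240, 150),
           (300, 160), (360, 170), (420, 90), (480, 140), (540, 145)]

if __name__ == "__main__":
    for a in evaluate(SAMPLES, THRESHOLD, PERIOD):
        print(a)
```

The dip at 180 s and the re-crossing at 240 s fall inside the period, so the first alert is only refreshed; the re-crossing at 480 s is the first one that satisfies both conditions and produces a second alert.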

Understanding Role-Based Access Control for the Alerts and Alert Definitions

Note:

You must have the Security Analyst or Security Architect role, or permissions equivalent to that role, to access the alerts and alert definitions.

You must have the following privileges under Administration > Users & Roles > Roles:

  • Create Alert Definition to create an alert definition.

  • Update Alert Definition to modify alerts.

  • Delete Alert Definition to delete alerts.

  • User account under Role Based Access Control to search for user accounts in alert definitions.