Setup Notification Triggers

CloudGuard WAF safeguards web servers against attacks. You can set up Trigger objects to specify actions when an event occurs. One type of Trigger object, "Notification", allows sending email notifications to multiple addresses for events related to your agents

Setting up a Notification Trigger

Step 1: Create a new "Notification" trigger

Browse to Policy -> Triggers and create a new Trigger object of type Notification.

Configure a new name to the new trigger object:

Step 2: Configure intervals and email addresses

1. Intervals in hours - Specify the interval in hours for receiving notifications. You will receive an email at each set interval (e.g., every 2 hours) if any events occurred.

2. Emails recipients - You can choose one of the following options:

   1. Send all admins in the tenant - According to the Admins listed under Account -> Users.

   2. Send all users in the tenant - According to the list of users listed under Account -> Users.

   3. Custom Emails - Send to a customize list of email addresses

Step 3: Choose the Events you wish to get notified about

Select the checkboxes for events you want to be notified about. You can also choose all the events.

Step 3: Setup your Threat Prevention policy to use the new Log Trigger object/s

Browse to Policy->Assets and edit the asset you wish to modify.

Go to the relevant practice tab and scroll to the bottom.

Click on the 'Add triggers' lint and add your new Notification Trigger object.

Notification Email Example

The screenshot below illustrates a sample notification email that you will receive after configuring the notification trigger.