SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

Action disabled: revisions
alertsuroot

ManageEngine Create Alert

We have bought the ManageEngine Eventlog Analyzer. I do not think it's the best tool for the job but sadly it's the one we bought so I'll just have to deal with it. We already have a lot of hosts syslogging to the server, so I wanted to have alerts when an user switches to root. To do so I needed to create an alert profile:

  • Login with a user with the required permissions
  • Click on the tab alerts
  • On the left, a list of current alert profiles appear, including a link to “Add alert profile”
  • Give an unique name and set the priority of the alert, select the hosts to which the alerts apply
  • Then go to the “Modify Criteria:” section
    • Set LogType and the Severity to your needs
    • Log message contains: This should be an exact match, unfortunately you can't match with keywords and wildcards:

alert01.jpg

  • Go to the “Notify by:” section
  • If you want the mail sent to multiple receivers separate them by a comma (,).

alert02.jpg

Resources

You could leave a comment if you were logged in.
alertsuroot.txt · Last modified: 2021/09/24 00:24 (external edit)