Email Alerts
Tenable Identity Exposure sends out email alerts to notify you automatically if events reach a certain severity threshold and require remediation actions. The following is an example of an email alert:
-
In Tenable Identity Exposure, click System > Configuration > Email.
-
Click the Add an email alert button on the right.
The Add an email alert pane appears.
-
Under the Main Information section, provide the following:
-
In the Email address box, type the recipient's email address to receive notifications.
-
In the Description box, type a description for the recipient address.
-
-
In the Trigger the alert drop-down list, select one of the following:
-
On each deviance: Tenable Identity Exposure sends out a notification on each deviant IoE detection.
-
On each attack: Tenable Identity Exposure sends out a notification on each deviant IoA detection.
-
On each health check status changes: Tenable Identity Exposure sends out a notification whenever a health check status changes.
-
-
In the Profiles box, click to select the profile(s) to use for this email alert (if applicable).
-
Send alerts when deviances are detected during the initial analysis phase: do one of the following (if applicable):
-
Select the checkbox: Tenable Identity Exposure sends out a large volume of email notifications when a system reboot triggers alerts.
-
Unselect the checkbox: Tenable Identity Exposure does not send out email notifications when a system reboot triggers alerts.
-
-
Severity threshold: click the arrow of the drop-down box to select the threshold at which Tenable Identity Exposure sends alerts (if applicable).
-
Depending on the alert trigger you selected previously:
-
Indicators of Exposure: If you set alerts to trigger on each deviance, click the arrow next to each severity level to expand the list of Indicators of Exposure and select the ones for which to send alerts.
-
Indicators of Attack: If you set alerts to trigger on each attack, click the arrow next to each severity level to expand the list of Indicators of Attack and select the ones for which to send alerts.
-
Health check status changes: Click Health Checks to select the health check type to trigger an alert, and click Filter on selection.
-
-
Click the Domains box to select the domains for which Tenable Identity Exposure sends out alerts.
The Forests and Domains pane appears.
-
Select the forest or domain.
-
Click Filter on selection.
-
-
Click Test the configuration.
A message confirms that Tenable Identity Exposure sent an email alert to the server.
-
Click Add.
A message confirms that Tenable Identity Exposure created the email alert.
-
In Tenable Identity Exposure, click System > Configuration > Email.
-
In the list of email alerts, hover over the one you want to modify and click the icon at the end of the line.
The Edit an email alert pane appears.
-
Make the necessary modifications as described in the previous procedure "To add an email alert".
-
Click Edit.
A message confirms that Tenable Identity Exposure updated the alert.
-
In Tenable Identity Exposure, click System > Configuration > Email.
-
In the list of email alerts, hover over the one you want to delete and click the icon at the end of the line.
A message asks you to confirm the deletion.
-
Click Delete.
A message confirms that Tenable Identity Exposure deleted the alert.
See also