Defining what triggers an alert
There are several different types of events that can trigger an alert.
The following events can trigger alerts:
- A warning or error in the operation of the Secure SD-WAN Manager
- A test failure
- A match to a rule
- A threshold in a user alert check is exceeded
- A match to a pattern defined in a Situation element.
System Alerts and custom alerts are always triggered by an event in the system. In addition to the System Alerts triggered by internal events in the Secure SD-WAN Manager, you can configure the following events to trigger alerts:
- You can configure a rule in your Firewall, Layer 2 Firewall, Layer 2 Interface, or IPS Policy to trigger an alert. .
- You can activate Status Surveillance on engines to trigger an alert when the Management Server does not receive status updates for a while.
- You can configure the engine tester to issue an alert whenever a test fails (for example, when a network link goes down). Some tests that run on the engine by default might already be configured to issue alerts.
- Server Pool Monitoring Agents can trigger alerts when they detect problems with the servers.
- You can set thresholds for user alert checks to trigger alerts when the threshold is reached.
- You can set thresholds for monitored items in Overviews to trigger alerts when the threshold is reached.