Enable alerts
Xshield generates alerts for events such as unsafe perimeter traffic and anomalies, and when the reachability and usability states of assets and appliances change. Xshield can generate up to 12 types of alerts.
Alert categories and Severity levels
Xshield alerts are grouped into Alert categories by the type of entity for which the alert is generated (Asset, Appliance, or Traffic). Each alert is also assigned a Severity level based on the severity of its impact on your network: Critical, High, Medium, or Info.
Before enabling alerts for an Xshield instance, we recommend that you learn more about Alert categories and Severity levels in Xshield. See Alerts reported on Xshield for more details.
Enable alerts
To reduce clutter on the Alerts page, only 'Critical' alerts are generated for a new Xshield instance. If you want to monitor alerts of other severity levels, you must enable them.
- Alerts can be enabled or disabled at the level of an Alert category. For example, enabling the Traffic alerts category enables all applicable Traffic alerts (depending on the severity level you set for the Alert category).
- Alerts can be enabled by severity level within an Alert category. For example, setting the severity level of the Traffic alerts category to Medium generates all Traffic alerts (Critical, High, and Medium) except Info-level Traffic alerts.
Next steps
- Monitor alerts regularly and investigate and remediate security incidents, reachability issues, or performance issues. For operational ease and during experimental activities, you can suppress or dismiss alerts for selected assets temporarily.