Notifications
Alert Logic notifications alert you to threats, changes, and scheduled events in your environment so you can respond quickly. From the Alert Logic console, you can subscribe to:
- Alert-based notifications—Security incident and log correlation notifications, for example, that alert you to potential threats
- Scheduled action notifications—Notifications for the completion of a scheduled activity, such as the generation of a compliance report
When configuring your alert-based notifications, you can specify the criteria you want to focus on, such as threat levels in the high and critical categories.
You can create and subscribe to notifications for your account and the accounts you manage. Users with Administrator, Owner, or Power User roles can subscribe others to receive notifications and manage notifications created by other users in your account. For more information about user roles, see Customer Accounts, User Accounts, and User Roles.
Alert Logic supports your automation workflows. You can configure notifications to send alerts by email and to a third-party application. Notifications to a third-party application require a templated connection.
Notification types
You can configure several types of notifications:
- Incident notifications can send an alert when incidents occur that meet specific criteria.
- Log correlation notifications can send an alert for incidents or observations generated by your log correlation rules.
- Health notifications can send an alert when an agent, appliance, or API collector is collecting data or is offline (unhealthy).
- Scheduled report notifications can inform you when a scheduled report is generated and available for download.
- File Integrity Monitoring (FIM) search notifications can notify you when your scheduled FIM search is complete and available for download.
Notification creation
You can create a notification directly from the Notifications page. You can also create notifications from other pages, depending on the notification type:
- For incidents, you can also create a notification from the Incidents page. For more information, see Incident Notifications.
- For observations, you can also create a notification from the Search page (Log Search tab or Correlations tab) during the process of creating the correlation or by editing an existing correlation listed on the Correlations tab. For more information, see Correlations and Notifications and Observation Notifications.
- For health exposures, you can also create a notification from the Health page. For more information, see Health Notifications.
- For scheduled reports, you can also schedule the report and subscribe notification recipients from the Reports page. For more information, see Scheduled Reports and Notifications.
Notifications management
Notifications in your account and the accounts you manage appear on the Notifications page, available from the Manage group on the navigation menu. The Notifications page provides a centralized place for you to view, create, and manage notifications of all types.
For more information about the Notifications page and notifications management, see Manage Notifications.