Notifications page

The Notifications page allows you to configure and manage incident email notifications when incidents escalate, or if incidents of specified threat levels occur for your account and accounts you manage. In addition, if your user account has the Administrator role, you can manage the notifications for users in your customer account and accounts you manage.

If you configure notifications for both escalations and specified threat levels, you could receive notification email messages for the same incident at creation and for upon each escalation. Configure notifications for both escalations and specified threat levels to receive notification email messages when Alert Logic creates an incident and upon each escalation of that incident. Configure notifications for threat levels if you want email alerts when Alert Logic creates an incident of the specified threat level. Set up notifications for only escalations if you want email alerts any time the Alert Logic SOC escalates an incident, regardless of threat level.

You can set up a user account designated as "Notification Target Only," which exists solely to receive email notifications, and does not have the ability to log into the Alert Logic console. If you need to maintain an audit trail of all relevant escalations that you do not need to review until necessary, you can send notifications of all escalations and severity levels to the notification target. You can also configure notifications to send an email for escalations only to a notification target created with a shared email address to allow multiple people to monitor relevant escalations, even if they do not have an Alert Logic user account. For more information see Create a user account as a notification target.

To access the Notifications page in the Alert Logic console, click the Settings icon (), and then click Notifications.

Manage My Subscriptions

Select Manage My Subscriptions to subscribe to email notifications when incidents of specified threat levels and escalations occur for your account and accounts you manage. Notifications allow you to know about, and respond quickly to, threats in your environment.

To manage your notifications:

  1. In the Notifications panel, make any combination of the following choices:
    • Escalations—Click to specify the accounts for which you want notification of incident escalations. An incident escalation indicates that the Alert Logic Security Operations Center (SOC) sent an email to the designated contact for your account that the incident escalated.
    • Critical—Click to specify the accounts for which you want notification when an incident with a threat rating of Critical occurs for assets within the specified accounts.
    • High—Click to specify the accounts for which you want notification when an incident with a threat rating of High occurs for assets within the specified accounts.
    • Medium—Click to specify the accounts for which you want notification when incident with a threat rating of Medium occurs for assets within the specified accounts.
    • Low—Click to specify the accounts for which you want notification when incident with a threat rating of Low occurs for assets within the specified accounts.
    • Info—Click to specify the accounts for which you want notification when an incident with a threat rating of Info occurs for assets within the specified accounts. This threat level applies only to incidents created by scanning services.
  2. Click SAVE.

Manage Subscriptions of Others

This option is available only to user accounts with the Administrator role assigned. As an administrator, you can manage the subscriptions to notifications of other users in your customer account and accounts you manage. Select Manage Subscriptions of Others to view, manage, and configure email notifications when incidents of specified threat levels and escalations occur for users in your account and users in accounts you manage.

Users maintain the ability to modify any changes an administrator makes to their notifications.

Organize and group the user account list

By default, the Notifications panel lists user accounts alphabetically, and grouped by customer account. You can change the user account list order to specify whether Alert Logic groups user accounts by:

  • Customer account
  • Criticality (Threat level and escalations)
  • User account role

You can also use the search field to configure or manage the notifications for a specific user account.

Configure or modify notifications for other user accounts

Select a user account to set up email notifications when incidents of specified threat levels and escalations occur for the user's customer account and accounts that user manages.

To manage notifications for other user accounts:

  1. In the Notifications panel, make any combination of the following choices:
    • Escalations—Click to specify the accounts for which you want notification of incident escalations. An incident escalation indicates that the Alert Logic Security Operations Center (SOC) sent an email to the designated contact for your account that the incident escalated.
    • Critical—Click to specify the accounts for which you want notification when an incident with a threat rating of Critical occurs for assets within the specified accounts.
    • High—Click to specify the accounts for which you want notification when an incident with a threat rating of High occurs for assets within the specified accounts.
    • Medium—Click to specify the accounts for which you want notification when incident with a threat rating of Medium occurs for assets within the specified accounts.
    • Low—Click to specify the accounts for which you want notification when incident with a threat rating of Low occurs for assets within the specified accounts.
    • Info—Click to specify the accounts for which you want notification when an incident with a threat rating of Info occurs for assets within the specified accounts. This threat level applies only to incidents created by scanning services.
  2. Click SAVE.