Configure Rules for Notifications
Applies To: WatchGuard Cloud
Some of the features described in this topic are only available to participants in the WatchGuard Cloud Beta program. If a feature described in this topic is not available in your version of WatchGuard Cloud, it is a beta-only feature.
In WatchGuard Cloud, you can configure notification rules that enable WatchGuard Cloud to generate alerts and send email notifications. Notification rules determine which events generate alerts. When WatchGuard Cloud generates an alert, the alert appears on the Alerts page as an active alert until you acknowledge it.
On the Rules page, you can see all rules created for your account. By default, several predefined rules exist. You can edit the default rules to change the name, description, and delivery method. There are some default rules you cannot delete.
You can configure additional notification rules to generate alerts for specific events, device alarms, and incidents for multiple notification sources.
Notification Sources
You can configure notification rules for events from these sources:
- WatchGuard Cloud — Generate alerts based on events in your WatchGuard Cloud account, such as updates to operator accounts and inventory allocation. For more information, go to Configure WatchGuard Cloud Platform Notification Rules.
- AuthPoint — Generate alerts based on AuthPoint events, such as denied push notifications and LDAP synchronization. For more information, go to Configure AuthPoint Notification Rules.
- Devices — Generate alerts based on changes to device status in WatchGuard Cloud and alarms received from a Firebox or access point. For more information, go to Configure Firebox Notification Rules and Configure Access Point Notification Rules.
- Firebox — Generate alerts for Firebox events, such as when connection usage exceeds a specific threshold. For more information, go to Configure Firebox Notification Rules.
- FireCloud — Generate alerts when FireCloud security services detect a threat or vulnerability. For more information, go to Configure FireCloud Notification Rules.
- Endpoint Security — Generate alerts for Endpoint Security events. For more information, go to Configure Endpoint Security Notification Rules.
- ThreatSync — Generate alerts based on changes to incidents in ThreatSync, such as new incidents, actions performed, or if an incident is closed. For more information, go to Configure ThreatSync Notification Rules.
- ThreatSync+ NDR — Generate alerts when ThreatSync+ NDR detects a threat or vulnerability. For more information, go to Configure ThreatSync+ Alerts and Notification Rules.
- ThreatSync+ SaaS — Generate alerts when ThreatSync+ SaaS creates a new policy alert and when a heartbeat is detected or no longer detected. For more information, go to Configure ThreatSync+ Alerts and Notification Rules.
When you select the notification source in a rule, the available notification types for that source appear in the rule settings.
Additional Requirements for Closed-Loop Ticketing with PSA Integrations
For accounts with a PSA integration, notification rules for some sources have additional requirements to use closed-loop ticketing.
- For closed-loop ticketing with license alerts, you must select PSA ticket options for all license allocation notification rules.
- For PSA closed-loop ticketing with Firebox notification rules, your Firebox must run Fireware v12.11.3 or higher.
For more information about PSA integrations, go to About PSA Tool Integration with WatchGuard Cloud.
Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Configure Notification Rules permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.
Add a Notification Rule
To add a new rule:
- Select Administration > Notifications.
- Select the Rules tab.
- Click Add Rule.
- On the Add Rule page, in the Name text box, type a name for your rule to help you identify it.
- From the Notification Source drop-down list, select the service or platform that generates the alert.
This is where the alert comes from.
- From the Notification Type drop-down list, select the action or event that causes this rule to generate an alert.
The options available in this drop-down list change based on your selection from the Notification Source drop-down list.
- (Optional) Type a description for your rule.
- To send a notification email to the specified recipients, in the Delivery Method section, select or enable Email.
  - From the Frequency drop-down list, configure how many emails the rule can send per day:
    - To send an email for each alert the rule generates, select Send All Alerts.
    - To restrict how many email messages the rule sends each day, select Send At Most. In the Alerts Per Day text box, type the maximum number of email messages this rule can send each day. You can specify a value of up to 20,000 alerts per day.
  - In the Subject text box, type the subject line for the email message this rule sends when it generates an alert. You can type a maximum of 78 characters.
  - In the Recipients text box, type the email address for each person you want to receive an email message when this rule generates an alert. You can type multiple email addresses. Press Enter after each email address or separate the email addresses with a space, comma, or semicolon.
- For PSA integrations, to send a ticket notification to the PSA tool, enable PSA Ticket.
  - For ConnectWise, select the Priority, Service Board, New Status, and Close Status for the ticket sent to ConnectWise.
  For participants in the Centralized Notification Management for PSA Ticketing beta, the PSA ticket options are disabled. To manage notification rules, go to Overview > Administration > PSA Ticketing. For more information about notification rules for PSA ticketing, go to Configure PSA Ticketing Notification Rules.
  - For Autotask, select the Priority, Queue, Ticket Category, New Status, and Close Status for the ticket sent to Autotask.
- Click Add Rule.
Manage WatchGuard Cloud Alerts
Configure WatchGuard Cloud Platform Notification Rules
Configure AuthPoint Notification Rules
Configure Firebox Notification Rules
Configure Access Point Notification Rules
Configure ThreatSync Notification Rules