Configure Rules for Notifications
In WatchGuard Cloud, you can configure notification rules that enable WatchGuard Cloud to generate alerts and send email notifications. Notification rules determine which events generate alerts. When WatchGuard Cloud generates an alert, the alert appears on the Alerts page as an active alert until you acknowledge it.
On the Rules page, you can see all rules created for your account. By default, several predefined rules exist. You can edit the default rules to change the name, description, and delivery method. There are some default rules you cannot delete.
You can configure additional notification rules to generate alerts for specific events, device alarms, and incidents for multiple notification sources.
Notification Sources
You can configure notification rules for events from these sources:
- WatchGuard Cloud — Generate alerts based on events in your WatchGuard Cloud account, such as updates to operator accounts and inventory allocation. For more information, go to Configure WatchGuard Cloud Platform Notification Rules.
- AuthPoint — Generate alerts based on AuthPoint events, such as denied push notifications and LDAP syncronization. For more information, go to Configure AuthPoint Notification Rules.
- Devices — Generate alerts based on changes to device status in WatchGuard Cloud, and alarms received from a Firebox or access point. For more information, go to Configure Firebox Notification Rules and Configure Access Point Notification Rules.
- ThreatSync — Generate alerts based on changes to incidents in ThreatSync, such as new incidents, actions performed, or if an incident is archived. For more information, go to Configure ThreatSync Notification Rules.
- ThreatSync+ NDR — Generate alerts when ThreatSync+ NDR detects a threat or vulnerability. For more information, go to Configure ThreatSync+ NDR Alerts and Notification Rules.
When you select the notification source in a rule, the available notification types for that source appear in the rule settings.
Delivery Methods
For each rule, you can select one of these delivery methods:
- None — The rule generates an alert that appears on the Alerts page.
- Email — The rule generates an alert that appears on the Alerts page and also sends a notification email to the specified recipients.
Add a Notification Rule
To add a new rule:
- Select Administration > Notifications.
- Select the Rules tab.
- Click Add Rule.
- On the Add Rule page, in the Name text box, type a name for your rule to help you identify it.
- From the Notification Source drop-down list, select the service or platform that generates the alert.
This is where the alert comes from. - From the Notification Type drop-down list, select the action or event that causes this rule to generate an alert.
The options available in this drop-down list change based on your selection from the Notification Source drop-down list. - (Optional) Type a description for your rule.
- If you want the rule to send an email message when it generates an alert:
- From the Delivery Method drop-down list, select Email
- From the Frequency drop-down list, configure how many emails the rule can send per day:
- To send an email for each alert the rule generates, select Send All Alerts.
- To restrict how many email messages the rule sends each day, select Send At Most. In the Alerts Per Day text box, type the maximum number of email messages this rule can send each day. You can set specify a value of up to 20,000 alerts per day.
- In the Subject text box, type the subject line for the email message this rule sends when it generates an alert. You can type a maximum of 78 characters.
- In the Recipients text box, type the email address for each person you want to receive an email message when this rule generates an alert. You can type multiple email addresses. Press Enter after each email address or separate the email addresses with a space, comma, or semicolon.
- Click Add Rule.
Manage WatchGuard Cloud Alerts
Configure WatchGuard Cloud Platform Notification Rules
Configure AuthPoint Notification Rules
Configure Firebox Notification Rules
Configure Access Point Notification Rules