|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[ISSForum] Email Configuration
From: John Smithson (why1234
hotmail.com)
Date: Thu May 22 2003 - 09:08:08 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Gurus,
I'm new to the ISS RS world. I have WGM 6.7 managing Network Sensor 7.0 on
Nokia. Previous admin had configured WGM to send email to one account for
every certain incident occurs. Here are my questions----------
1.) Is there any way to configure WGM so that it does not send email on
every instance. For example, current set up is configure so that every time
someone probes SQL_SSRP_Slammer_Worm it send email--- well it generates
about 20 -50 emails a day ---- A) Can I configure it so that it sends email
only one time for every certain number of incidents?? B) Configure it so
that only when my servers start probing someone.. because I really don't
care if someone probes us, I care more if my servers start probing someone..
2) Is there any hierarchy in email configuration where if first few
incidents occurrences send email to general address, however, if the same
incidents occurs more than a certain times then send email to another
address? I was trying to set up where for example certain attack occurs for
10 times in minute then send notification to xyz address, however if the
same attack keeps on occurring for 100 times then escalate and send
notification to another address...
Any help is greatly appreciated....
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
_______________________________________________
ISSForum mailing list
ISSForumiss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]