We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure Event Settings

  • Last updated on

Each event is assigned a severity level, which defines how urgent or critical an event is. Security events are classified by a severity ID of 1, 2, or 3. Operative events are classified by a severity ID of 6, 7, or 8. You can also configure a server or client action (such as executing a program or sending emails and SNMP traps) to be performed when the event occurs and specify whether a specific event or all events should be propagated to a Control Center.

In this article:

Configure Event Settings

  1. Go to CONFIGURATION > Full Configuration > Box > Infrastructure Services > Eventing.
  2. Click Lock.
  3. Configure your event settings.
    • To search for a specific event, enter its ID number in the Lookup field at the bottom of the page.
    • To edit an event, select it and then click Change. You can also double-click the event entry.
  4. Click Send Changes and Activate.

Event Settings

Events Tab
SettingDescription
Event IDThis read-only field displays the event ID.
DescriptionThe event description is written to the event monitor and to logging facilities and is sometimes extended by additional information in case the event is triggered by multiple processes.
Severity IDThe severity level that has been assigned to the event. Severity categories range from informational events to security events.
Notification IDThe effective notification setting that applies to the event.
CommentThe notification description.
PersistentTo prevent events from being forwarded multiple times, select this check box. Each event is forwarded to the NextGen Control Center only once, even if it occurs multiple times. The event can only be forwarded to the NextGen Control Center again after it is deleted. This setting is only of interest on Control Center-administered systems.
Propagate to CC

To enable propagation of the event to a NextGen Control Center, select this check box. This setting overrules any conflicting settings from the Severity tab.

Drop EventTo drop the event so that it is not entered in the local database or propagated, select this check box. Events that have been marked as Drop Event are displayed in black bold italics.
Severity Tab
SettingDescription
Severity IDThe severity ID. When assigning a severity to an event, select the severity ID in the event settings.
CategoryThe category of the severity. Severity categories range from informational events to security events.
DescriptionDescription of the severity.
PriorityThis read-only field displays the priority of the severity.
Notification IDThe notification setting that applies to the severity. Notifications are configured in the Notification tab.
Propagate to CC

To enable the forwarding of events using this severity level to a NextGen Control Center, select this check box. This setting may be overruled by customized settings for events from the Events tab.

Drop EventIf enabled, events using this severity are not stored in the local event database of the NextGen F-Series Firewall or forwarded to a NextGen Control Center. When a severity has the Drop Event check box selected, all events with this severity are displayed in italics.

Changing the Severity ID has no effect on how events are displayed. But when set to 0, the severity is displayed in red italics, and all events with this severity assigned change to italics in the Events tab.

Notification Tab
SettingDescription

Notification ID

The notification ID.
DescriptionDescription of the notification.
Event must be confirmedWhen selected, the assigned event remains in alarm status until it is confirmed by the administrator.
Server Action

From this tab, you can specify an action to be performed by the F-Series Firewall when the assigned event occurs. After selecting the Enable check box, you can select and configure one of the following action types:

Mail – Sends an email.Execute Program – Executes an application on the F-Series Firewall or Barracuda Control Center.SNMP – Triggers an SNMP trap.
s_mail.pngs_exe.pngs_snmp.png

You can also specify how often the action is repeated until the event is confirmed by the administrator. Select the Repeat Every check box and then define the interval in which the action is repeated. You can only specify this setting if the Event must be confirmed check box is also selected.

Client Action

From this tab, you can enable an action to be performed by the MS Windows client that Barracuda NextGen Admin is running on when the assigned event occurs.

Client actions are only performed when the EVENTS Tab is set to Live mode.

  • Audio Alert – Plays a *.wav audio file.
  • Popup – Opens a pop-up window on the MS Windows client that the Barracuda NextGen Admin application is running on.
Thresholds

From this tab, you can define how often the assigned event must occur in a specific time period before the specified server or client action for the notification is performed. To specify the thresholds for event notifications, you must also select the Activate Notification if any of these thresholds are reached check box.

If the Activate Notification if any of these thresholds are reached check box is unselected, the notification is displayed in italics, and all events with this notification assigned change to italics in the Events tab.

Basic Tab
SettingDescription
Send Event to CC

Firewalls managed by a Barracuda NextGen Control Center will forward their events to the Control Center. This includes events that are generated by the NextGen Control Center itself. This setting overrides conflicting settings from the Events or Severity tab.

Silent BoxIf enabled, event alarms are disabled, but event collection is still performed.
Max Event Records

Defines the maximum number of events that are displayed on the Events page. When this limit is reached, new events are not recorded on the Events page. It is recommended that you regularly delete old events and refer to the Logs and Statistics pages to view past events.

Last updated on