It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Configuring Notifications

  • Last updated on

The Notification feature allows you to select the modules for which you want to receive email/Slack notifications when either an event occurs or the configured threshold is exceeded. You can select the modules and set the severity level for the modules to receive notifications.

Notifications can be sent to email or to a Slack channel:

  • Email notifications are sent to the email address(es) configured in System Alert Email Address on the BASIC > Administration page in the Email Notification section.
  • Slack notifications are sent to the channel configured in BASIC > Administration > Slack Notification section.

Also, on the BASIC > Notifications page you can set the following:

  • The threshold limit for the hardware components and attack categories in the Global Threshold section.
  • The threshold limit for each attack type per service in the Service Threshold section. For more information on attack categories, see Attacks Description - Action Policy.

Events are generated and email notifications are sent whenever the configured threshold limit exceeds the time interval of five (5) minutes.

To receive email notifications for the settings made in Global Threshold and Service Threshold, always ensure the Threshold Controlled module is enabled and the severity level is set to Alert in the BASIC > Notifications page.

The severity level determines how critical an event is for the system. The following table lists the severity level and its description:

SeverityDescription
EmergencyEvent generated when the system is in an unusable state (highest priority).
AlertEvent generated when an immediate action is required.
CriticalEvent generated when the system is in critical condition.
ErrorEvent generated when there is an error processing the request.
WarningEvent generated when an action is required to be taken on a particular module configuration or process. If no action is taken, an error might occur. Example: “Encryption Key is going to expire within 5 days”.
NoticeEvents generated when an unusual activity is noticed. No immediate action is required.

Configure Threshold Limits

  1. Go to the BASIC > Notifications page.
  2. In the Global Threshold section, configure the threshold limit for hardware components and attack categories.
  3. In the Service Threshold section, configure the threshold limit for attack types per service.
  4. Click Save.

Ensure that the Threshold Controlled module is enabled, and the severity level is set to Alert in the Notification Configuration section.

Enable Notification for the Modules

  1. Go to the BASIC > Notifications page.
  2. In the Notification Configuration section, identify the modules for which you want to receive email notifications.
  3. Select the check box(es) next to the modules.
  4. Select the severity level.
  5. Click Save.
Examples

Example 1: Configure Notification Alerts for Hardware Components and Attack Categories:         

  1. Go to the BASIC > Notifications page.
  2. In the Global Threshold section:
    1. Enter the threshold value for hardware components and attack categories you desire. For example: CPU Temperature - 60, Firmware Storage - 70, SQL Attacks - 100, XSS Injections - 50.
  3. In the Notification Configuration section:
    1. Set Severity to Alert.
    2. Select the Threshold Controlled checkbox under Module.
  4. Click Save.

Example 2: Configure Notification Alerts for Specific Attack Types under each Service

  1. Go to the BASIC > Notifications page.
  2. In the Service Threshold section:
    1. Enter the name of the attack in Event Type, configure the threshold value for the attack, and click Add. You can add multiple attack types under each service. For example: Cross-Site Scripting in URL - 5, Query Length Exceeded - 200, etc.
  3. In the Notification Configuration section:
    1. Set Severity to Alert.
    2. Select the Threshold Controlled checkbox under Module.
  4. Click Save.

To receive email notifications for the configuration settings made in Global Threshold and Service Threshold, ensure that the severity is set to Alert and the module Threshold Controlled is enabled in the Notification Configuration section.

Example 3: Configure Notification Alerts for Specific Modules

  1. Go to the BASIC > Notifications page.
  2. In the Notification Configuration section:
    1. Select the severity level (Emergency, Alert, Critical, Error, Warning and/or Notice) for the modules.
    2. Select the checkbox(es) next to the modules for which you want to receive email notifications.
  3. Click Save.