Configure Rule-Based Alerts for Events and Incidents

You can configure FIM to monitor critical events and incidents for assets based on the conditions specified in an alert rule, and to notify you by email, PagerDuty or Slack when an event or incident matching the rule's condition is created. The alert message contains the event/incident details. You also get alert messages for incidents that are created by a correlation rule. See Configure Correlation Rules to Auto Create Incidents.

For FIM to send alerts, first configure rule actions that specify one or more actions to be performed when events matching a condition are detected. The actions you can choose are: send the alert message by Email, by PagerDuty, or Post to Slack. Then create an alert rule that specifies which events/incidents you want to monitor, the criteria for triggering the rule, and the actions to be taken on those events/incidents. When a rule is triggered, FIM sends the event/incident details to the configured account.

Roles and Permissions

Create a new action

Create a new alert rule

Manage alert rules

Manage alerts