Kaspersky Anti Targeted Attack (KATA) Platform

Creating a rule for sending notifications about alerts

8 November 2023

ID 247786

To create a rule for sending notifications about alerts:

  1. In the main window of the application web interface, select the Settings section, Notifications subsection.
  2. Go to the Notification rules tab.
  3. Click Add.

    This opens the New rule window.

  4. In the To field, enter one or more email addresses to which you want to send notifications.

    You can enter several email addresses if you separate them with commas.

  5. In the Subject field, enter the subject of the notification message.
  6. If you want the application to insert the alert importance into the message subject, add the %importance% macro to the Subject field.
  7. In the Notification type field, select Alerts.
  8. In the Alert importance drop-down list, select the minimum alert importance for which you want notifications to be sent.

    For example, you can configure notifications to be sent only for alerts that have high importance, or only for alerts that have medium or high importance.

  9. In the Source or destination field, enter an IP address and network mask if you want to send notifications about alerts associated with a specific source or destination IP address or subnet address.
  10. In the Email field, enter an email address if you want to send notifications about alerts associated with a specific email sender or recipient address.
  11. Under Components, select the check boxes next to the names of one or more technologies if you want to send notifications about alerts generated by specific technologies.
  12. Click Add.

The rule for sending notifications about alerts will be added to the list of rules. To send notifications to the specified email address, you must enable the notification rule. Notifications are sent once to each of the email addresses configured for this rule.

Users with the Administrator and Security auditor roles cannot create rules for sending alert notifications.

In distributed solution mode, you must create notifications separately for each subordinate server (Secondary Central Node, SCN).

See also

Sending notifications

Viewing the table of rules for sending notifications

Creating a rule for sending notifications about the operation of application components

Enabling and disabling a rule for sending notifications

Modifying a rule for sending notifications

Deleting a rule for sending notifications

Filtering and searching notification forwarding rules by rule type

Filtering and searching notification forwarding rules based on the notification subject

Filtering and searching notification forwarding rules by email address

Filtering and searching notification forwarding rules based on their status

Clearing a notification forwarding rule filter
