Notifications

EventSentry currently supports 16 different types of notifications to support alerts, remediation and integration.



Alerts, Remediation & Integration

EventSentry currently supports 16 different types of notifications. Some are useful for immediate notification (such as email or syslog) while others are useful for collection and consolidation. Most actions will cache pending data if the service (e.g. email server, database) is temporarily unavailable. All notifications support thresholds as well as a schedule.

  • Email (supports SSL/TLS, header/footer, variables, mini format for cell phones etc.)
  • Instant Messages (through Jabber - e.g. Google Talk), supports chat rooms
  • Database (MSSQL, PostgreSQL, MySQL or Oracle)
  • Pager (through SNPP)
  • Syslog (TCP + UDP)
  • SNMP (v1, v2c and v3 Traps)
  • Process (executes any process/executable) for remediation
  • Submit HTTP(S) forms
  • Shutdown or Reboot
  • Service & Process Control (Stop, Start, Restart, Continue, Pause)
  • Text File (ASCII, HTML, CSV)
  • Sound (play .wav file)
  • Other Actions: Network (aka "net send"), Printer, Desktop & RSS


Email Notifications (SMTP)

Forwards any alert via SMTP (SSL/TLS with authentication supported) to one or more recipients. Supports a primary and a secondary SMTP server, as well as automatic SMTP server lookup via DNS (MX record). The email subject can be customized using dynamic variables, and the email content can be customized by selecting only the event properties of interest. The action supports HTML, plain text and an SMS/text message format with minimal information; a customizable header and footer can be configured as well. Email actions can also dial a configured RAS/VPN connection when necessary, prior to sending the email.

HTTP(S)

Submits a web-based form via HTTP(S) or performs a POST/PUT request with support for JSON/SOAP. Supports basic, digest and NTLM authentication. Using the HTTP action, alerts can easily be submitted to ticketing systems such as Trello, Slack, HipChat, iService, FogBugz and many others.

Processes

Starts a process with low, medium or high priority. A maximum process runtime can be configured, and the process (including child processes) can be killed when the runtime is exceeded. The process return code (ERRORLEVEL) can be evaluated, and output can be logged to the event log.

The process command-line can be fully customized with custom variables as well as with dynamic event variables. Embedded scripts can also be used with a process notification.

Service and Process Control

Controls a service (start, stop, restart, pause, continue) or terminates (kills) a process. Multiple instances of the same process may be terminated, as well as child processes.


Advanced Features

All notifications support thresholds, to ensure that "expensive" notifications such as text message, pager and email don't get flooded with events, regardless of the filter rules.

Schedules can be applied to notifications, which ensures that an action is only active during a certain hour of the day.

Alert-type notifications such as email and pager can log their activity to the EventSentry database, to support later auditing for accountability and troubleshooting purposes.


Fault Tolerance

For actions not supported by or not routed through the collector, EventSentry supports fault tolerance for certain notifications and will cache events when those notifications are unavailable. Delivery will be re-attempted at regular intervals until the remote service is available again. This ensures 100% reliability during temporary network outages.

All actions routed through the collector are automatically fault tolerant; otherwise, the following notification types support fault tolerance:

  • Database (ODBC)
  • SMTP
  • SNPP
  • Syslog (TCP only)
  • HTTP
  • Network (net send)