EventSentry currently supports 16 different types of notifications. Some are useful for immediate notification (such as email or syslog) while others are useful for collection and consolidation. Most actions will cache pending data if the service (e.g. email server, database) are temporarily unavailable. All notifications support thresholds as well as a schedule.
|Email (supports SSL/TLS, header/footer, variables, mini format for cell phones etc.)|
|Instant Messages (through Jabber - e.g. Google Talk), supports chat rooms|
|Database (MSSQL, PostgreSQL, MySQL or Oracle)|
|Pager (through SNPP)|
|Syslog (TCP + UDP)|
|SNMP (v1, v2c and v3 Traps)|
|Process (executes any process/executable) for remediation|
|Submit HTTP(S) forms|
|Shutdown or Reboot|
|Service & Process Control (Stop, Start, Restart, Continue, Pause)|
|Text File (ASCII, HTML, CSV)|
|Sound (play .wav file)|
|Network (aka "net send"), Printer, Desktop & RSS|
Forwards any alert via SMTP (SSL/TLS with authentication supported) to one or more recipients. Supports primary and secondary SMTP server, as well automatic SMTP server lookup via DNS (MX record). The email subject can be customized using dynamic variables, the email content itself can also be customized by only selecting event properties of interest. The action supports a HTML, plain text as well as SMS/text message type format with minimal information; a customizable header and footer can be configured as well. Email actions can also dial a configured RAS/VPN connection when necessary, prior to sending the email.
Submits a web-based form via HTTP(S) or performs a POST/PUT request with support for JSON/SOAP. Supports basic, digest and NTLM authentication. Using the HTTP action, alerts can easily be submitted to ticketing systems such as Trello, Slack, HipChat, iService, FogBugz and many others.
Starts a process with low, medium or high priority. A maximum process runtime can be configured, and the process (including child processes) can be killed when the runtime is exceeded. The process return code (ERRORLEVEL) can be evaluated, and output can be logged to the event log.
The process command-line can be fully customized with custom variables as well as with dynamic event variables. Embedded scripts can also be used with a process notification.
Controls a service (start, stop, restart, pause, continue) or terminates (kills) a process. Multiple instances of the same process may be terminated, as well child processes.
All notifications support thresholds, to ensure that “expensive” notifications such as text message, pager, email don’t get flooded with events, regardless of the filter rules.
Schedules can be applied to notifications, which ensures that an action is only active during a certain hour of the day.
Alert-type notifications such as email and pager can log their activity to the EventSentry database, to support later auditing for accountability and troubleshooting purposes.
Actions not supported by or not routed through the collector or EventSentry supports fault-tolerance for certain notifications, and will cache events when certain notifications are unavailable. Delivery will be re-attempted in regular intervals until the remote service is available again. This ensures 100% reliability during temporary network outages.
All actions routed through the collector are automatically fault tolerant, otherwise the following notification types support fault tolerance: