Enabling Alarm Notifications

Prerequisites

SMN has been enabled.

Constraints

• Alarm notifications are sent if the number of attacks reaches or exceeds the threshold configured for a certain period.

Procedure

1. Log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. Click in the upper left corner and choose Security > Web Application Firewall.
4. In the navigation pane, choose Instance Management > Notifications.
   Figure 1 Notifications
   

5. Click Create and configure alarm notification parameters. Table 1 lists the parameters.
   Figure 2 Create Notification
   

   Table 1 Description of notification setting parameters

   Parameter	Description
   Notification Type	Select a notification type. Events: WAF sends attack logs to you in the way you configure (such as SMS or email) once it detects log-only or blocked events. Certificate expiration: When a certificate is about to expire, WAF notifies you by the way you configure, such as email or SMS.
   Notification Name	Name of the alarm notification.
   Description	(Optional) A description of the purposes of the alarm.
   Enterprise Project	Select an enterprise project from the drop-down list. The notification takes effect in the selected enterprise project.
   Notification Topic	Select a topic from the drop-down list. If there are no topics, click View Topic and perform the following steps to create a topic: Create a topic. For details, see Creating a Topic. Add one or more subscriptions to the topic. You will need to provide a phone number, email address, function, platform application endpoint, DMS endpoint, or HTTP/HTTPS endpoint for receiving alarm notifications. For details, see Adding a Subscription. Confirm the subscription. After the subscription is added, confirm the subscription. For details about topics and subscriptions, see the Simple Message Notification User Guide.
   Interval	If you select Events for Notification Type, Interval must be configured. NOTE: Alarm notifications are sent if the number of attacks is at least equal to the threshold configured for a certain period.
   Event Type	If you select Events for Notification Type, Event Type must be configured. By default, All is selected. To specify event types, click Custom.
   Notification Before Expiration	This parameter must be configured if you select Certificate expiration for Notification Type. Select how long before a certificate expire WAF can send notifications. You can select 1 week, 1 month, or 2 months. For example, if you select 1 week, WAF will send you an SMS message or email one week before the certificate expires.
   Interval	This parameter must be configured if you select Certificate expiration for Notification Type. How often WAF sends certificate expiration notifications to you. You can select Weekly or Daily.

6. Click OK.
   • To disable a notification, locate the row containing the notification and click Disable in the Operation column.
   • To delete a notification, locate the row containing the notification and click Delete in the Operation column.
   • To modify a notification, locate the row containing the notification and click Modify in the Operation column.

Example Alarm Notification Email

If you have enabled alarm notifications and configured email alarm notifications, WAF emails you reports of any attacks that occur. Figure 3 shows an example of an alarm notification email.

Figure 3 Alarm notification email