Jump to:navigation, search
Wiki


























De.png
Fr.png


Configuration of the Alerting Center in the UMA


Last adaptation to the version: 3.1 (04.2021)


Previous versions: -


New:

  • New function New ab UMA NG v3.1




Alerting Center of the UMA

How it works

The Alerting Center automatically sends e-mails with log events. This sets up monitoring of log events and simplifies monitoring. Error messages can be forwarded to the admin before a malfunction occurs or a malfunction can be detected more quickly.

The Alerting Center is always active by default.
Various events are assigned to priority groups.
The Alerting Center sends out

  • immediate reports, which are sent immediately when an event occurs
    The email address of the system administrator is used for this purpose.
    and
  • regular reports, sent at a fixed period of time.
    Up to 5 additional email addresses can be specified for this purpose.

Requirements

In order for the Alerting Center to send messages, a Remote Smarthost must be configured.
(Menu System Settings / Email Server. Section Remote Smarthost Settings)



Configuration

Menu Alerting Center


caption: Default desc

General

General
Status Indicates that the Alerting Center service is running. (spalertd: up / spsysprocd: up) In case of error, please contact support. If necessary, a reboot can help . UMA v3.1 AlertingCenter Allgemein-en.png
General section
Report language: German

English
Language in which reports are sent

Immediate email report

Immediate email report
Enabled: Immediate email reports are sent by default. UMA v3.1 AlertingCenter Umgehender-Bericht-en.png
Section Immediate Email Report

UMA v3.1 umgehender bericht en.png
Example Immediate report
Recipient: admin@ttt-point.de Immediate reports are always sent to the system administrator.
Settings in the System Settings / System Users / System Administrator tab.
Notification types: × Level 5 - Error × Level 6 - Critical
× Level 7 - Alert
× Level 8 - Emergency
In the click box, priority levels can be selected or deselected.
If an event occurs or a threshold value linked to this group is exceeded, an email is sent immediately.
  • × Level 0 - No message
  • × Level 1 - Debug
  • × Level 2 - Info
  • × Level 3 - Notice
  • × Level 4 - Warning
  • × Level 5 - Error
  • × Level 6 - Critical
  • × Level 7 - Alert
  • × Level 8 - Emergency
Limit: 1 Number of reports to be sent immediately per error event within
Time frame: 1440 Minutes
Example with default settings: If a file system error occurs the first time, a report is sent immediately. If this error occurs 10 more times within 24 hours, no further report is sent. If the error occurs an 11th time after 24 hours, an immediate report is sent again. This then contains the note that 10 error events have occurred in the last 24 hours

Regular email report

Regular email report
Enabled: Regular email reports are sent by default.
This only happens if any event with a log level has occurred. Otherwise no report will be sent.
UMA v3.1 AlertingCenter Regelmaessiger-Bericht-en.png
Section Regular Email Report

UMA v3.1 regelmaessiger bericht en.png
Example Regular Report

UMA v3.1 regelmaessiger bericht mit status en.png
Example Regular Report with Status Report
Integrate status report: Adds general status information to the report.
  • If the status report is activated, reports are also sent if no event has occurred.
  • Send report Sends a report with the error messages since the last regular report was sent.
    (Does not affect the next regular report)
    Individually requested reports always have a status report integrated.
    Recipient: ×admin@ttt-point.de (System Administrator) In addition to the System Administrator (default), 5 more email recipients can be added for regular reports.
    Notification types: × Level 2 - Info × Level 3 - Notice × Level 4 - Warning × Level 5 - Error × Level 6 - Critical
    × Level 7 - Alert
    × Level 8 - Emergency
    In the click box further priority groups can be selected or deselected.
    Events configured with these syslog groups are listed in a regularly sent mail.
    Date: × Monday × Tuesday × Wednesday × Thursday × Friday Weekdays can be selected or deselected in the click box.
    0500 Time at which the regular report is to be sent.




    Notifications

    Notifications

    There are two different groups of notifications: threshold-driven and event-driven notifications.

    Threshold-driven notifications

    UMA v3.1 AlertingCenter Benachrichtigung-Schwellenwert-en.png

    These values can be specified:

    • Tolerated exceedance of the threshold values:
    60 Minuten If a threshold value is exceeded over a longer period of time than specified here, a corresponding syslog event is triggered.
    For the first and second report levels
    • Notification type:
    Level 0 - No message Priority Group assigned to this level.
    • Threshold value
    1000 Value from which this level is reached




    Name Tolerated time exceeding the threshold values:
    Default value
    Threshold value 1
    Default value
    Notification type: Severity Level
    Threshold value 2
    Default value
    Notification type: Severity Level
    Description / Notes
    • Entropy
    Toleranced exceedance for
    (Default) 
    60 minutes
    Threshold value 1: 2 Kilobytes
    Level 0 - No message
    Threshold value 2: 1 Kilobyte
    Level 0 - No message
    The storage for random values should not be less than 2kb. Only occurs in extremely rare cases. Calling the admin interface and the associated generation of random parameters can remedy the situation .
    • Network traffic
    Toleranced exceedance for
    (Default) 
    60 minutes
    Threshold value 1: 20.000 Bytes
    Level 4 - Warning
    Threshold value 2: 200.000 Bytes
    Level 5 - Error
    An excessive load on the network interface may e.g. indicate that a backup medium is not optimally connected.
    • Memory use
    Toleranced exceedance for
    (Default) 
    60 minutes
    Threshold value 1: 8.000 Megabytes
    Level 0 - No message
    Threshold value 2: 16.000 Megabytes
    Level 0 - No message
    Can be individually configured to receive a warning in special environments (low RAM).


    Notifications controlled via events

    Example for Event driven Notification

    In the case of event-driven notifications, the
    Notification type: Level 0 - No message
    is directly assigned to a syslog priority group.


    Name Message: Default Syslog Group Description / Notes
    Backup/Restore terminated The data backup was terminated due to an error (job: Jobname).
    The data recovery was terminated due to an error (job: Jobname).
    Level 5 - Error Check log files
    Backup/Restore completed The data backup was completed (job: Jobname).
    The data recovery was completed (job: Jobname).
    Level 2 - Info
    File system File system error on device Name Level 7 - Alert Angehängte Logmeldung überprüfen
    DBUS Richtlinien Access to abc from service xyz to service 123 not permitted.. Level 6 - Critical Violation of DBUS guidelines. Please contact support.
    DMS indexer IMAP connection broken. Job will be restarted. (user: Abc) Level 3 - Notice
    Es können nicht alle Mails abgeholt werden Only fetched n of m mails from account abc. Level 4 - Warning
    • Mail defective (Haeder error, not rfc-compliant etc)
    • Multiple recipient users possible, thus no ( unique ) delivery is possible.
    • Activate debugging if necessary
    No disk space left The Securepoint Unified Mail Archive (UMA) is out of disk space (x% left). Level 5 - Error Archivspeicher erweitern siehe Wiki Artikel
    License Exceeded number of licensed users! / Invalid license! / Expired license! Level 5 - Error Check licence. If necessary, purchase additional / updated licences via the sales department or the reseller portal.
    LTA timestamp Can not get LTA timestamp! Level 7 - Alert The UMA requires a valid DNS server and an https connection to receive the time stamp required for archiving.
    LTA import Unable to add mail into LTA (user: Abc folder: xyz uid: 123). Level 5 - Error Error during LTA import. Please contact Securepoint Support.
    Mail server connection Error connecting to abc. Level 5 - Error fetchmail error when connecting to mail server. See note in our FAQ
    Mandatory Access Control (MAC) Security breach detected (MAC). Level 6 - Critical Unberechtigter Schreibzugriff. Bitte den Support kontaktieren.
    NTP server connection NTP: Can't connect to NTP server Level 3 - Notice Verbindung zum NTP-Server prüfen
    NNTP time adjustment NTP: Can't adjust system time Level 5 - Error Time difference between system time and NTP time too large
    RAID storage RAID is active with n out of m mirrors!
    RAID: Disk failure on sdx
    Level 6 - Critical Check RAID
    Uninterruptible Power Supply (UPS) UPS \1 is running on battery power.
    UPS \1 has a low battery.
    The battery in UPS \1 should be immediately replaced.
    Automatic shutdown is starting.
    UPS \1: Forced shutdown in progress.
    Communication with UPS \1 has been lost.
    Communication with the UPS \1 cannot be established.
    Level 6 - Critical USV prüfen
    User lookup
    • Multiple LDAP entries for abc!
    • Error at user lookup.
    • LDAP lookup timeout: abc.
    • Can't connect to LDAP server abc.
    • DAP binding failed: abc.
    • The Azure-AD search has failed (abc). Please refer the log for further details.
    • No valid exchange license assigned to user (abc). Mails will not get delivered until you assign a valid license.
    Level 5 - Error Benutzer Repositiory prüfen. (Verbindung / gültige Logins / Struktur)
    Running out of disk space Securepoint Unified Mail Archive (UMA) is running out of disk space (x% left). Level 4 - Warning Expand archive memory see Wiki article