Managing and Configuring Wazuh Alerts for Critical Incidents Only


netcy94

May 30, 2023, 10:30:48 PM
to Wazuh mailing list
Hi Team, 

I need assistance in configuring Wazuh alerts to receive notifications only for critical incidents that require immediate attention. Currently, I receive notifications for all severity levels, causing information overload. I would like to filter alerts to focus on high and critical-severity incidents. Additionally, guidance on adjusting email notification settings would be appreciated.

Thank you for your prompt support.

elw...@wazuh.com

May 31, 2023, 2:16:03 AM
to Wazuh mailing list
Hello Netcy94,

You can modify the level of the email notification by changing the <email_alert_level>10</email_alert_level> to a higher level than your default as mentioned here: https://documentation.wazuh.com/current/user-manual/manager/manual-email-report/index.html#generic-email-options

Also, you can be more granular with your email alerting by configuring it to be sent based on a certain group, level, or ID of alerts as detailed here: https://documentation.wazuh.com/current/user-manual/manager/manual-email-report/index.html#granular-email-options

I hope this helps.

Regards,
Wali
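
What the two options named in the reply above could look like together in the manager's ossec.conf, added here as an example and not part of the original reply. The thresholds of 12 and 14, the SMTP host and the addresses are assumptions; choose the levels that match what you treat as high or critical.

```xml
<!-- Added example: manager-side ossec.conf fragment.
     Hostnames, addresses and level thresholds are placeholders. -->
<ossec_config>
  <global>
    <email_notification>yes</email_notification>
    <smtp_server>smtp.example.test</smtp_server>
    <email_from>wazuh@example.test</email_from>
    <email_to>soc@example.test</email_to>
    <!-- Hourly cap on mails; anything over the cap is queued for later. -->
    <email_maxperhour>12</email_maxperhour>
  </global>

  <alerts>
    <!-- Lower-level alerts are still logged and searchable, just not mailed. -->
    <log_alert_level>3</log_alert_level>
    <!-- Generic option: only alerts at level 12 or above go to the global email_to. -->
    <email_alert_level>12</email_alert_level>
  </alerts>

  <!-- Granular option: an additional recipient for a narrower slice of alerts. -->
  <email_alerts>
    <email_to>oncall@example.test</email_to>
    <level>14</level>
    <!-- Send immediately instead of waiting to group with other alerts. -->
    <do_not_delay/>
  </email_alerts>
</ossec_config>
```

The manager has to be restarted for changes to ossec.conf to take effect.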