03-08-2023 09:38 AM
Hello -
One of the reasons I am taking a look at AIOps (free) is for alerting, but it doesn't seem to correlate from firewalls to AIOps. For example: I would like email alerts for this sort of thing. I currently have, on Panorama > Collector Groups > Collector Log Forwarding > System the following filter to email me ((eventid eq 'config-not-synch') and (description contains 'configuration not synchronized')) and that works great. Now how do I equate that to AIOps?
device_name: MyFirewall
vsys_id: 0
vsys:
eventid: config-not-synch
object:
fmt: 0
id: 0
module: general
severity: high
opaque: HA Group 1: Commit on local device with running configuration not synchronized; synchronize manually
dg_id: 0
tpl_id: 0
In AIOps I have this set:
Settings > Alert Notification Rules >
Rule Name: Warning Config Sync
Rule Conditions: Alert name equals Config Sync
But that doesn't seem to be triggered???
03-13-2023 12:53 PM
Hello @RobertShawver ,
I saw your post and have a few recommendations for you. You may want to look at initially,
This document may help in resolving the issue
https://docs.paloaltonetworks.com/aiops/aiops-for-ngfw/alerts-toc/alerts-reference
Thanks and Regards,
Edison K Benny
Product Specialist
Palo Alto Networks
03-13-2023 12:53 PM
Hello @RobertShawver ,
I saw your post and have a few recommendations for you. You may want to look at initially,
This document may help in resolving the issue
https://docs.paloaltonetworks.com/aiops/aiops-for-ngfw/alerts-toc/alerts-reference
Thanks and Regards,
Edison K Benny
Product Specialist
Palo Alto Networks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
