I have my Palo Alto setup to send emails out on critical alerts. If someone tries attacking an outside IP I will get 60 alerts sometimes all in a row. Is there anyway to get the email alert just once that the outside IP was hit 60 times as opposed to getting 60 email alerts?
Hi aguley ,
With current feature set, if you configure device to send you Critical alerts, it will send you critical alerts each time it is generated. In your case 60 times or more in row. There is a feature request filed for your requirement of selective alerts. You can contact your local sales / system engineer to pursue feature request. He will be glad to file it on your behalf. Hope this helps. Thank you.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!