Alerts

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Alerts

Not applicable

I have my Palo Alto setup to send emails out on critical alerts.  If someone tries attacking an outside IP I will get 60 alerts sometimes all in a row.  Is there anyway to get the email alert just once that the outside IP was hit 60 times as opposed to getting 60 email alerts?

Thanks

1 accepted solution

Accepted Solutions

L7 Applicator

Hello aguley,

I am not sure, if this will suppress system logs or not ( works with threat logs), But, You may try this command:

> set system setting logging log-suppression yes

Thanks

View solution in original post

3 REPLIES 3

L5 Sessionator

Hi aguley ,

With current feature set, if you configure device to send you Critical alerts, it will send you critical alerts each time it is generated. In your case 60 times or more in row. There is a feature request filed for your requirement of selective alerts. You can contact your local sales / system engineer to pursue feature request. He will be glad to file it on your behalf. Hope this helps. Thank you.

L7 Applicator

Hello aguley,

I am not sure, if this will suppress system logs or not ( works with threat logs), But, You may try this command:

> set system setting logging log-suppression yes

Thanks

Hulk,

Thanks.  I think this is exactly what I am looking for.  I Googled the command you sent and here is a PA article:

How Log Suppression Works

  • 1 accepted solution
  • 2745 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!