Email alerts


L4 Transporter

Hi All,

Is it possible to generate an email alert for a particular event and send it to a particular email ID?

Example: If any data is found (in an attachment or in an email) which is defined in a Data Pattern, send an alert to ABC@test.com

If any file is blocked, then send an alert to XYZ@test.com

Regards,

Gururaj

Accepted Solutions

L5 Sessionator

You can use the below method. The only difference is that you will not get the emails instantly, but only at the time the scheduled email reports are sent out.

Create a custom report for the file blocking / data filtering events.

Add this custom report to a report group.

Use this report group under an email scheduler.

You can play around with the override email addresses, depending upon who the recipient of the email shall be.

BR,

Karthik


3 REPLIES

L6 Presenter

Not directly supported, but you can do other things, like log forwarding of traffic log hits to a specific rule you have written.

Also look at Email notification per specific threat

Retired Member

Doing it through reporting will require that you run it every x minutes if you want the same day's data. When you run a scheduled report, the best you'll get is yesterday's data.

Here is how I did it years ago when we had several SMTP servers sending us malicious email attachments with the same message body.

  1. What you could do is create a data filtering profile searching for a data pattern X in application SMTP.
  2. Then create a firewall policy with SMTP as the application type and port 25 as the service port in the policy, then apply your Data Filtering profile (and anything else SMTP should have for a profile, like AV etc., too!).
  3. Put this above your regular SMTP permit policies.
  4. Don't forget you won't see a match if you aren't decrypting the SSL when using encrypted SMTP, so add that also if needed.
  5. Now on that firewall policy make sure your logging destination includes an email forwarding profile so you get an alert every time it is matched.