Add event definition / Edit event definition Form
Toolbar
Fields
| Name | Data type | Description |
|---|---|---|
| Name | string | The unique name identifier for this event definition. |
| Description | string | Additional description explaining the purpose of this event definition. |
| Is enabled | boolean | Indicates whether this event definition is active and will trigger actions when matching events occur. |
| Source | enum SYSLOG, SNMP | The source type of events to monitor: System events or SNMP events. |
| Action | enum EMAIL, SMS, BLOCK, WEBHOOK, SYSLOG, SCRIPT | The action to perform when a matching event is detected: notify, block, request, HTTP request, or Syslog request. |
| Phrases | array of | The text phrases or patterns to match in incoming events for triggering this definition. |
| Time unit | enum PT5M, PT10M, PT30M, PT1H, PT2H, PT4H, PT8H, PT12H, PT24H | The time unit for defining how long after an event occurs the action should be triggered. |
| Template | enum TemplateType | Predefined template for parsing specific event formats from vendors like ESET, Flowmon, Fortigate, Palo Alto, StreamScan, or Suricata. |
| Action URL | string | The URL endpoint to call when the action is triggered (used for HTTP request actions). |
| Action HTTP POST data | string | The data to send in the HTTP POST request when the action is triggered. |
| Action HTTP request type | enum ActionHttpRequestType | The HTTP method to use for the request: GET or POST. |
| Integration server | oneOf NestedIdentifier | The integration server to use for processing the event action. |
| Notification channels | array of entity preview | The notification channels to send alerts to when the event is triggered. |
| Access groups | array of entity preview | Administration groups that can manage this event definition. |