Create a system notification rule

Create a notification rule to email a recipient list whenever system events occur such as sensor connection concerns, unsupported firmware versions, and license issues.

The ExtraHop system creates a default system notification rule that includes all system events and is assigned to the initial Administrator to log in to the console. You can disable or edit the default rule.

Before you begin

  • You must be logged into a console with full write privileges to change these settings.
  • The ExtraHop system must be connected to ExtraHop Cloud Services to send notifications through email.
  • Email notifications are sent from no-reply@notify.extrahop.com. Make sure to add this address to your list of allowed senders.
  1. Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
  2. Click the System Settings icon and then click Notification Rules.
  3. Click Create.
  4. Click System.
  5. In the Name field, type a unique name for the notification rule.
  6. In the Description field, add information about the notification rule.
  7. If you only want to receive notifications from a specific sensor, select the sensor from the Sensors dropdown.
  8. In the System Events section, select the types of events you want to include in the rule.
    Option Description
    Sensor connection warning or error Sends a notification if a sensor is offline, disconnected from the console, or requires additional configuration.
    Sensor firmware upgrade available Sends a notification if the firmware on a sensor is unsupported and should be upgraded or if a newer firmware version is available for a sensor and the version is not later than the console firmware, if connected.
    License warning or error Sends a notification for sensor license states that need attention such as a license that is invalid, disconnected, expiring, or pending.
    Recordstore error (RevealX 360 only) Sends a notification if the sensor cannot connect to a recordstore to receive records and if a connection is restored.
    Device capacity warning Sends a notification if the number of active devices observed over the last 30 days is near (exceeds 80%) or over (exceeds 100%) your licensed limit.
    Recordstore ingest warning (RevealX 360 only) Sends a notification if recordstore ingest is near (exceeds 80%) or over (exceeds 100%) your daily record ingest capacity.
  9. Specify individual email addresses, separated by a comma.
  10. In the Options section, the Enable notification rule checkbox is enabled by default. Deselect the checkbox to disable the notification rule.
  11. Click Save.
Last modified 2024-10-15