Kaspersky Threat Feed App comes with several alert templates that you can use and customize from the Alerts dashboard.
Alert templates and triggers
The following alert templates are available:
This alert is triggered if there were matches with Kaspersky Lab feeds in the past 24 hours.
This alert is triggered if there were no matches with Kaspersky Lab feeds in the past 24 hours.
This alert is triggered if there were 5000 matches with Kaspersky Lab feeds in the course of 1 minute.
This alert is triggered if Feed Service is unavailable.
This alert is triggered when Feed Service is started.
Alert actions
By default, the "Send email" action is defined for all alerts. Splunk will send an email message to the email address specified for the action.
Note that you must specify a valid email address to receive email alerts. For more information, see Editing Kaspersky Threat Feed App configuration files.