You can configure notification about events occurring in Kaspersky Security Center Linux. Depending on the notification method chosen, the following types of notifications are available:
To configure notification delivery of events occurring in Kaspersky Security Center Linux:
The Administration Server properties window opens with the General tab selected.
The Email tab allows you to configure event notification by email.
In the SMTP servers field, specify mail server addresses, separating them with semicolons. You can use the following values:
In the SMTP server port field, specify the number of an SMTP server communication port. The default port number is 25.
If you enable the Use DNS MX lookup option, you can use several MX records of the IP addresses for the same DNS name of the SMTP server. The same DNS name may have several MX records with different values of priority of receiving email messages. Administration Server attempts to send email notifications to the SMTP server in ascending order of MX records priority.
If you enable the Use DNS MX lookup option and do not enable usage of TLS settings, we recommend that you use the DNSSEC settings on your server device as an additional measure of protection for sending email notifications.
If you enable the Use ESMTP authentication option, you can specify the ESMTP authentication settings in the User name and Password fields. By default, the option is disabled, and the ESMTP authentication settings are not available.
You can specify TLS settings of connection with an SMTP server:
You can select this option if you want to disable encryption of email messages.
You can select this option if you want to use a TLS connection to an SMTP server. If the SMTP server does not support TLS, Administration Server connects the SMTP server without using TLS.
You can select this option if you want to use TLS authentication settings. If the SMTP server does not support TLS, Administration Server cannot connect the SMTP server.
We recommend that you use this option for better protection of the connection with an SMTP server. If you select this option, you can set authentication settings for a TLS connection.
If you select Always use TLS, check server certificate validity value, you can specify a certificate for authentication of the SMTP server and choose whether you want to enable communication through any version of TLS or only through TLS 1.2 or later versions. Also, you can specify a certificate for client authentication on the SMTP server.
You can specify certificates for a TLS connection by clicking the Specify certificates link:
You can receive a file with the list of certificates from a trusted certification authority and upload the file to Administration Server. Kaspersky Security Center Linux checks whether the certificate of an SMTP server is also signed by a trusted certification authority. Kaspersky Security Center Linux cannot connect to an SMTP server if the certificate of the SMTP server is not received from a trusted certification authority.
You can use a certificate that you received from any source, for example, from any trusted certification authority. You must specify the certificate and its private key by using one of the following certificate types:
You must specify a file with the certificate and a file with the private key. Both files do not depend on each other and the order of loading of the files is not significant. When both files are loaded, you must specify the password for decoding the private key. The password can have an empty value if the private key is not encoded.
You must upload a single file that contains the certificate and its private key. When the file is loaded, you must then specify the password for decoding the private key. The password can have an empty value if the private key is not encoded.
Clicking the Send test message button allows you to check whether you configured notifications properly: the application sends a test notification to the email addresses that you specified.
In the Recipients (email addresses) field, specify the email addresses to which the application will send notifications. You can specify multiple addresses in this field, by separating them with semicolons.
In the Subject field, specify the email subject. You can leave this field empty.
In the Subject template drop-down list, select the template for your subject. A variable determined by the selected template is placed automatically in the Subject field. You can construct an email subject selecting several subject templates.
In the Sender email address: If this setting is not specified, the recipient address will be used instead. Warning: We do not recommend using a fictitious email address field, specify the sender email address. If you leave this field empty, by default, the recipient address is used. It is not recommended to use fictitious email addresses.
The Notification message field contains standard text with information about the event that the application sends when an event occurs. This text includes substitute parameters, such as event name, device name, and domain name. You can edit the message text by adding other substitute parameters with more relevant details about the event.
If the notification text contains a percent sign (%), you have to type it twice in a row to allow message sending. For example, "CPU load is 100%%".
Clicking the Configure numeric limit of notifications link allows you to specify the maximum number of notifications that the application can send during the specified time interval.
The SMS tab allows you to configure the transmission of SMS notifications about various events to a cell phone. SMS messages are sent through a mail gateway.
In the SMTP servers field, specify mail server addresses, separating them with semicolons. You can use the following values:
In the SMTP server port field, specify the number of an SMTP server communication port. The default port number is 25.
If the Use ESMTP authentication option is enabled, you can specify the ESMTP authentication settings in the User name and Password fields. By default, the option is disabled, and the ESMTP authentication settings are not available.
You can specify TLS settings of connection with an SMTP server:
You can select this option if you want to disable encryption of email messages.
You can select this option if you want to use a TLS connection to an SMTP server. If the SMTP server does not support TLS, Administration Server connects the SMTP server without using TLS.
You can select this option if you want to use TLS authentication settings. If the SMTP server does not support TLS, Administration Server cannot connect the SMTP server.
We recommend that you use this option for better protection of the connection with an SMTP server. If you select this option, you can set authentication settings for a TLS connection.
If you select Always use TLS, check server certificate validity value, you can specify a certificate for authentication of the SMTP server and choose whether you want to enable communication through any version of TLS or only through TLS 1.2 or later versions. Also, you can specify a certificate for client authentication on the SMTP server.
You can specify SMTP server certificate file by clicking the Specify certificates link. You can receive a file with the list of certificates from a trusted certification authority and upload the file to Administration Server. Kaspersky Security Center Linux checks whether the certificate of an SMTP server is also signed by a trusted certification authority. Kaspersky Security Center Linux cannot connect to an SMTP server if the certificate of the SMTP server is not received from a trusted certification authority.
In the Recipients (email addresses) field, specify the email addresses to which the application will send notifications. You can specify multiple addresses in this field, by separating them with semicolons. The notifications will be delivered to the phone numbers associated with the specified email addresses.
In the Subject field, specify the email subject.
In the Subject template drop-down list, select the template for your subject. A variable according to the selected template is put in the Subject field. You can construct an email subject selecting several subject templates.
In the Sender email address: If this setting is not specified, the recipient address will be used instead. Warning: We do not recommend using a fictitious email address field, specify the sender email address. If you leave this field empty, by default, the recipient address is used. It is not recommended to use fictitious email addresses.
In the Phone numbers of SMS message recipients field, specify the cell phone numbers of the SMS notification recipients.
In the Notification message field, specify a text with information about the event that the application sends when an event occurs. This text can include substitute parameters, such as event name, device name, and domain name.
If the notification text contains a percent sign (%), you have to type it twice in a row to allow message sending. For example, "CPU load is 100%%".
Click the Send test message to check whether you configured notifications properly: the application sends a test notification to the recipient that you specified.
Click the Configure numeric limit of notifications link to specify the maximum number of notifications that the application can send during the specified time interval.
If this notification method is selected, in the entry field you can specify the application that will start when an event occurs.
In the Executable file to be run on the Administration Server when an event occurs field, specify the folder and the name of the file to be run. Before specifying the file, prepare the file and specify the placeholders that define the event details to be sent in the notification message. The folder and the file that you specify must be located on the Administration Server.
Clicking the Configure numeric limit of notifications link allows you to specify the maximum number of notifications that the application can send during the specified time interval.
Selecting the notification method
The saved notification delivery settings are applied to all events that occur in Kaspersky Security Center Linux.
You can override notification delivery settings for certain events in the Event configuration section of the Administration Server settings, of a policy's settings, or of an application's settings.
See also: |