Notification Outputs Overview

This topic provides an overview of notification outputs. notification outputs are required when defining an ESA rule. You can configure notification outputs in the Administration System view ( netwitness_adminicon_25x22.png (Admin) > System > Global Notifications > Outputs tab).

Global Notifications configurations define notifications settings for Event Source Management (ESM), Health and Wellness, New Health and Wellness, Global Audit Logging, Event Stream Analysis (ESA), and Respond.

Note: You do not need to configure notification outputs (the Output tab) for Global Audit Logging.

Notification outputs are the destinations used for sending notifications. For ESA, notification outputs enable you to define how you want to receive the ESA alerts. The following are the different notification outputs supported by NetWitness:

  • Email
  • SNMP
  • Syslog
  • Script

Note: New Health and Wellness supports only Email and Syslog notification outputs.

Note: ESA SNMP notifications are not supported for NetWitness 11.3 and later.

Email notification settings define the destination email address to which you can send the alerts. You can also add a custom description in the subject of the email and define multiple destination email addresses.

SNMP notification settings enable you to define the SNMP settings to send alert notifications. Syslog notifications enable you to define the Syslog settings used to send alert notifications. Script notifications enable you to define the Script that executes in response to the alert.

For detailed information on the notification configurations, including parameters and descriptions, see Define Notification Server Dialogs.