Configuring Rule-Based Alerts for Events and Incidents

You can configure FIM to monitor integrity of your assets based on the conditions specified in an alert rule and send you notifications via email, pager or slack if events/incidents matching the condition in the rule are created. The alert message will have the events/incidents details. You get alert messages for incidents that are created using the correlation rule.

Refer to Configuring Correlation Rules to Auto Create Incidents.

For FIM to send alerts, you need to first configure rule actions to specify one or more actions to be performed when events or incidents matching the condition in the alert rule are triggered. Actions that you can choose are: send the alert messages by Email, PagerDuty or Post to Slack. Finally, create an alert rule and specify which events/incidents you want to monitor, criteria for triggering the rule and actions to be taken on those events/incidents. When a rule is triggered, FIM will send you the event/incident details to the configured account.

Related Topics

Qualys Query Library


Event Insights


Configuring correlation rules to auto create incidents