Created on 03-08-2022 09:18 AM Edited on 03-08-2022 09:19 AM By Anonymous
Description | This article will demonstrate creating an alert timeline with automatic escalations. |
Scope | FortiMonitor Control Panel |
Solution |
Alert Timelines are essential notification schedules for occurring incidents. Any number of timelines can be created, and each timeline can contain any number of events. This allows the user to create an automated escalation schedule based on incident duration.
Incidents will remain active until the underlying conditions creating the incident are resolved. Users may alternatively place the problematic instance under maintenance (preventing alerts for a set time limit), manually escalate to the next event on the alert timeline, or manually prevent future timeline events from occurring.
In the above example, the timeline is configured to first alert Group 1 (chosen from Contact Groups when adding a new event) with a trigger time of immediate (0 hours, 0 minutes, 0 seconds). If an hour passes and none of the users within Group 1 remedies the issue, cancels escalations, or puts the instance under maintenance, then the next event will trigger, notifying "SysAdmin". If two hours pass and neither the Group 1 members nor SysAdmin have performed the actions listed above, then it will escalate to "CTO".
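The escalation logic described above can be modelled in a few lines to check who would have been paged at a given incident age. This is an added example, not FortiMonitor code or its API: the function name `fired_events`, its parameters, and the handling of manual escalation (the next pending event fires immediately, later events keep their scheduled times) are assumptions made for illustration.

```python
from datetime import timedelta

# Timeline from the article: (trigger time after incident start, contact).
TIMELINE = [
    (timedelta(0), "Group 1"),
    (timedelta(hours=1), "SysAdmin"),
    (timedelta(hours=2), "CTO"),
]


def fired_events(timeline, elapsed, stopped_at=None, manual_escalations=()):
    """Return [(fire_time, contact)] for every event fired within `elapsed`.

    stopped_at: when the incident was resolved, escalations were cancelled,
        or the instance was put under maintenance (all modelled as a stop).
    manual_escalations: times at which a user escalated by hand; each one
        fires the next pending event immediately (assumed behaviour).
    """
    def allowed(t):
        # An event or action only counts inside the observed window and
        # strictly before the incident was stopped.
        return t <= elapsed and (stopped_at is None or t < stopped_at)

    pending = sorted(timeline, key=lambda event: event[0])
    manual = sorted(t for t in manual_escalations if allowed(t))
    fired = []
    while pending:
        offset, contact = pending[0]
        # A manual escalation that comes before the scheduled trigger time
        # pulls the next event forward; otherwise the schedule applies.
        fire_time = manual.pop(0) if manual and manual[0] < offset else offset
        if not allowed(fire_time):
            break
        pending.pop(0)
        fired.append((fire_time, contact))
    return fired


def contacts(events):
    """Names only, in the order they were notified."""
    return [contact for _, contact in events]


if __name__ == "__main__":
    for fire_time, contact in fired_events(TIMELINE, timedelta(hours=3)):
        print(f"{fire_time} -> {contact}")
```
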
More information on alert timelines may be found on the FortiMonitor documentation site.
|