Create a Secure HTTPS Alert Action
In the following example, an HTTPS alert named AutoFocus-alerts is configured to send AutoFocus alerts to a web server using basic user authentication to enforce alert uploads.
- Select AlertsSettings.
- Add Alert Action:
- Give the alert action a descriptive Name.
- Select HTTPS as the alert Type to configure AutoFocus to use a secure communications channel.
- Set the alert destination server URL.Enter the URL of the server that you configured to receive HTTPS alerts. You can then test the connectivity to the server (Test URL). If the connection is valid, you will see .Self-signed server certificates are not supported. Server certificates must be signed by one of the trusted certificate authorities (CAs). Refer to Supported Trusted Certificate Authorities for more information.You can View supported cipher suites to see the list of supported TLS 1.2 trusted certificate authorities.
- Set the alert Digest to 5
Minutes or Daily.Digest sets the frequency with which AutoFocus checks for samples that match the alert criteria. AutoFocus collects all samples that match the alert criteria during the digest period and sends them in a single notification.
- Define the authentication method.For HTTPS alerts using basic authentication:Enter the credentials of an account that you configured on the server receiving the AutoFocus alerts.
- Save Changes.The Action drop-down contains all saved alert actions, which you can apply to samples matched to Unit 42, public, and private tags.
- Next steps:
Define Alert Actions
Define Alert Actions Define alert actions that you can then select to Enable Alerts by Tag Type . Defining alert actions includes choosing to receive ...
Secure AutoFocus Alerts
Secure AutoFocus Alerts Previously, AutoFocus™ HTTP alerts were transmitted in clear text over the Internet. You now have the option of sending notifications within a ...
Supported Trusted Certificate Authorities
Supported Trusted Certificate Authorities To enable HTTPS alerts, the server receiving the AutoFocus alerts must be signed by a trusted certificate authority (CA). To view ...
Edit Alerts Alerts are highly customizable and can be changed or deleted anytime. Change the settings of an existing alert action or alert exception as ...
Enable Alerts by Tag Type
Enable Alerts by Tag Type Enable alerts based on Tag Types . You can choose to generate an alert for all samples in your network ...
Alert Types An alert is a notification about samples that match a set of defined criteria. When you Create Alerts in AutoFocus, you have the ...
Supported TLS Ciphers
Supported TLS Ciphers AutoFocus HTTPS alerts support only TLS 1.2 with the following ciphers: TLS Ciphers Supported by AutoFocus DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-SHA AES256-SHA AES128-SHA256 AES256-SHA256 ...
Supported TLS Ciphers
Supported TLS Ciphers AutoFocus HTTPS alerts support only TLS 1.2 with the following ciphers: TLS Ciphers Supported by AutoFocus TLSV1_2 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-SHA AES256-SHA AES128-SHA256 ...