KFSensor

 

EMail Alerts

In addition to recording events in the event log and providing audio and system tray alerts, KFSensor is able to send alerts by email.

Use the EMail Alerts dialog box to configure the sending of alert emails

This can be useful if you are not running KFSensor on your own machine, but still want to be notified when an attack occurs.

KFSensor allows you to send email alerts to an unlimited number of email addresses.

If KFSensor cannot send an email because the destination SMTP is down or too busy to accept connections then KFSensor will try to re-send the email every fifteen minutes for one hour and after that every hour. If the message still cannot be sent after six hours then the failure will generate an error event in the event log.

If you are sending email alerts to an external email domain then it is recommended that you use the "Via SMTP Server" option as this will make the sending of the notification more reliable.

The Alerts section of the Concepts part of the manual describes the different alert options in more detail.

Alert EMail

  • Enable
    If this option is checked the email alert feature will be enabled and the rest of the settings must contain correct values for the emails to work.
  • Message title
    This enables you to set the first part of the email subject line.
    Extra details, such as the visitor's IP address will be appended to the message title.
  • Message type
    • long
      The long email type contains the full details of the event in the message body.
    • short
      The short email type contains only a minimal amount of information on an event and is more suitable if you are redirecting your alert emails to a mobile device.

Addresses

  • Send to
    The email address to send the alert emails to.
    Multiple emails addresses can be specified. Separate each address with a semi-colon (;) character.
  • Send from
    The email address to send the alert emails from.
    This does not have to be a real email account.
  • Domain from
    The domain name which KFSensor will identify itself to the target SMTP server.
    If blank then the domain name of the Send from email will be used.

Via SMTP Server

  • SMTP Server
    The domain name or IP address of the SMTP server to send the alerts to.
  • Port
    The port number of the SMTP server to send the alerts to.
  • User name
    If the SMTP server requires authentication then enter the user name of the account with which to log on.
    Only basic authentication is currently supported.
  • Password
    The password of the account with which to log on.

Filter

This functionality has been enhanced in version 4.2
These options are used to restrict the number of emails sent so as not to overload your in-box.
The default setting will allow one email alter per visitor, with a maximum of five email alter in total, to be sent in any one hour period.
  • Interval
    This is the time period in which the email alter filter applies. After the specified time interval the limit counts will be reset and emails can be sent again.
    If this value is zero then KFSensor then email alerts are not filtered and all will be sent.
  • Severity
    This limits the sending of alert emails based on the severity of the event.
    e.g. If set to Medium then only events with a Medium or High severity will generate alert emails.
  • Max emails
    This specifies the maximum number of emails that will be sent in the time interval.
  • Max per visitor
    This specifies the maximum number of emails that will be sent that relate to one visitor. If this value is lower than the Max emails field then it allows alerts from more than one visitor to be sent.

Related Topics


KFSensor On-Line Manual Contents