Configure Access Point Notification Rules

In WatchGuard Cloud, you can configure notification rules to generate alerts and send email notifications for device events about your wireless access points.

Access Point Notification Types

For each Access Point notification rule you add in WatchGuard Cloud, you select the action or event that causes the rule to generate an alert. For device rules, you can select one of these notification types:

Device Alarms

Generates an alert for alarm events received from Fireboxes and access points. The Device Alarms rule generates device notifications for many types of alert conditions for both Firebox and access point devices. This might increase the volume of email messages you receive if the delivery method in the notification rule is Email.

NTP Server Status

Indicates the status of the access point’s connection to an NTP server.

  • Connected — Access Point [device name] is connected to an NTP server.
  • Disconnected — Access Point [device name] cannot connect to an NTP server.

Low System Memory

Indicates if the access point is low on memory.

  • Access Point [device name] is low on memory. Only [percentage of free memory] % of memory left.

DFS Radar Detection

Indicates if the access point has changed channels because radar was detected on a DFS channel.

  • Access Point [device name] detected a radar on channel [previous channel] and changed to [new channel].

File System Integrity Check

Indicates if file system integrity checks have detected a new file on the device.

  • Access Point [device name] has detected a new file [file name] with hash [sha1sum] in the device’s protected filesystem. This might be a new system file, and no threat is detected by the system integrity check.

Country of Operation Change

Indicates if the access point has been connected in a different country of operation.

  • Location of Access Point [device name] has changed from [previous country] to [new country].

Airspace Monitoring

Indicates malicious access point detections from Airspace Monitoring.

  • Evil Twin [SSID], [MAC address] detected at [RSSI]dBm by access point [detecting device].
  • Rogue AP [SSID], [MAC address] detected at [IP address], at [RSSI]dBm by access point [detecting device].
  • Suspected Rogue AP [SSID], [MAC address] detected at [IP address], at [RSSI]dBm by access point [detecting device].

Device Deleted

Generates an alert when a Firebox or access point is removed from your account.

Device Registered

Generates an alert when a Firebox or access point is added to your account.

Cloud Connection Status

Generates an alert when a Firebox or access point connects or disconnects from WatchGuard Cloud.

Add a Notification Rule for Access Points

Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Configure Notification Rules permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.

To add a new notification rule for access points, from WatchGuard Cloud:

  1. Select Administration > Notifications.
  2. Select the Rules tab.

Screen shot of WatchGuard Cloud Notifications page, Add Rule

  1. Click Add Rule.
  2. On the Add Rule page, in the Name text box, type a name for your rule to help you identify it.
  3. From the Notification Source drop-down list, select Devices.
  4. From the Notification Type drop-down list, select the action or event that causes this rule to generate an alert.
  5. (Optional) Type a description for your rule.
  6. From the Delivery Method drop-down list, select one of these options:
    • None — The rule generates an alert that appears on the Alerts page in WatchGuard Cloud.
    • Email — The rule generates an alert that appears on the Alerts page in WatchGuard Cloud and sends a notification email to the specified recipients.
  7. If you select Email for the delivery method:
    1. From the Frequency drop-down list, configure how many email messages the rule can send per day:
      • To send an email message for each alert the rule generates, select Send All Alerts.
      • To restrict how many email messages the rule sends each day, select Send At Most. In the Alerts Per Day text box, type the maximum number of email messages this rule can send each day. You can specify a value up to 20,000 alerts per day.
    2. In the Subject text box, type the subject line for the email message this rule sends when it generates an alert. You can type a maximum of 78 characters.
    3. In the Recipients text box, type the email address for each person you want to receive an email message when this rule generates an alert. You can type multiple email addresses. Press Enter after each email address or separate the email addresses with a space, comma, or semicolon.

    Screen shot of WatchGuard Cloud, Add Rule page, Recipients section

  8. Click Add Rule.

To delete a notification rule, clickScreen shot of the Delete iconnext to the rule you want to delete.

For more information on how to manage alerts, go to Manage WatchGuard Cloud Alerts.

Related Topics

Configure Rules for Notifications

See Audit Logs