Manual Chapter : Managing Notification Rules
Applies To:Show Versions
BIG-IQ Centralized Management
Managing Notification Rules
About notification rules
Notification rules are accessed from within the Policy Editor and are used to notify users when a policy (firewall policy or NAT policy) is changed or when a percentage of the maximum supported configuration objects is reached. The notifications are configured using notification rules and are delivered through email, such an email is referred to as a notification email. Notification rules can be useful for administrators who wish to be notified when policies are changed, or who wish to notify others of such changes. Notifications can also be sent based on shared resources used by policies.
About Notification Email
There are two kinds of notification email that can be sent using notification rules:
- If a Policy Notify rule type is selected, the notification email lists what specified policies have changed, possibly including any changed shared resources.
- If a Limit Notify rule type is selected, the notification email lists what specified limits have been reached. The limits can include device limits, object limits or both.
- The limit for a device is determined by the license for that device. The email contains the number of devices and the percentage of devices used, based on the maximum number of devices.
- The limit for objects is a total number of objects for all devices being managed by the BIG-IQ system. Shared objects, such as virtual servers, only count as a single object even if they are used multiple times. The email contains the number of objects for all devices being managed and the percentage of objects used, based on the maximum number of objects.
Adding and scheduling notification rules
Use the Notification Rules screen to add and schedule a new notification rule.
Creating notification rules
- ClickCreateand the Notification Rules - New Item screen is displayed.
- On the Properties tab, specify the appropriate values for the following fields.PropertyDescriptionNameSpecify a name for the notification. This is required.DescriptionSpecify a description for the notificationEmail CommentSpecify the content of the email for this notificationFormatSelect the format of the notification to be eitherPlain TextorCSV.Rule TypeSelect the type of notification rule to use.
Email RecipientsSpecify information about one or more email recipients.
- Policy Notifyindicates that the notification is triggered when the policy has changed. You specify the policy on the Policy Notify tab.
- Limit Notifyindicates that the notification is triggered when a limit has been reached. You specify the limit on the Limit Notify tab.
To add another recipient, click the (+) plus sign and supply theNameandEmail Addressfields for that recipient.To remove a recipient, click the (X) to the right of the email recipient.
- In theNamefield, specify a name for the recipient.
- In theEmail Addressfield, specify the email address of the recipient.
- If you specified theRule TypeasPolicy Notify, specify the appropriate values for the following fields on the Policy Notify tab.FieldDescriptionAvailable Firewall PoliciesSelect the firewall policy the rule should monitor and notify you when it changes, then clickAdd. The selected policy is added to the list of firewall policies below theAvailable Firewall Policiesfield.Notify on Dependent ObjectsDetermines whether or not dependent objects, such as shared resources, are also monitored by the rule. By default this option is selected, indicating that shared resources should also be monitored.Available NAT PoliciesSelect the NAT policy the rule should monitor and notify you when it changes, then clickAdd. The selected NAT policy is added to the list of policies below theAvailable NAT Policiesfield.Notify on Dependent ObjectsDetermines whether or not dependent objects, such as shared resources, are also monitored by the rule. By default this option is selected, indicating that shared resources should also be monitored.To delete a policy from the list, click theXto the right of theNotify on Dependent Objectsoption.
- If you specified theRule TypeasLimit Notify, specify the appropriate values for the following fields on the Limit Notify tab.FieldDescriptionDevice Limit NotificationSelect this check box to be notified when the BIG-IQ system reaches a specified limit.Device Limit ThresholdsSpecify the device limit thresholds at which a notification email is sent. A device limit is a percentage of the number of BIG-IP devices your BIG-IQ system is managing. You can set up to three limits that are each a percentage of the limit amount by modifying the percentage amount in each of the three device limit threshold fields. For example, if your BIG-IQ system is licensed to handle 10 BIG-IP devices, you would go over the threshold of 49% when 5 BIG-IP devices were being managed.Object Limit NotificationSelect this check box to be notified when a specified object limit is exceeded.Object Limit ThresholdsSpecify the object limit thresholds at which a notification email is sent. You can set up to three limits that are each a percentage of the limit amount by modifying the percentage amount in each of the three object limit threshold fields.As more operations occur with more BIG-IP devices, the number of objects in use by the BIG-IQ system grows. The maximum number of objects supported varies depending on the BIG-IP device configuration.
- Save your work.
Scheduling notification rules
Once a notification rule has been created it can be scheduled. To schedule a notification rule, click the check box to the left of the rule to select it, and then click
Edit Schedule. The Notification Rules Evaluation Interval dialog is displayed. In this dialog, specify the interval at which the schedule should run.
Editing notification rules
From the Notification Rules screen in the Policy Editor, you can edit notification rules.
- Click the name of the notification rule to edit that rule and display the editing screen.
- The rule is locked for editing.
- Change the property and field values that you need to modify.
- ClickSaveto save changes.
- When finished, clickSave & Closeto save changes, release the lock, and exit the screen.
Deleting notification rules
From the Notification Rules screen in the Policy Editor, you can remove notification rules.
- Select the rule to be removed by clicking the check box to the left of the rule.