Alert notifications

Web Security Analytics can notify you of triggered alerts through the graphical time line chart in the Web Security Analytics user interface and through email notifications.

Alert states

Alerts have two possible states:

  • Active. The alert's criteria are fulfilled.

  • Inactive. The alert's criteria are no longer met.

Email notifications

Learn about the types of email notifications you can receive through WSA and the typical contents of an email notification.

Web Security Analytics sends three types of email notifications:

  • Triggered. The alert status changes from inactive to active.

  • Ongoing. While an alert remains active, email reminders are send every 30 minutes.

  • Cleared. The alert status changes from active to inactive. The system clears an alert when the conditions that trigger the alert no longer apply.

For each type of alert notifications, an email is sent to the addresses specified in the alert's configuration. Each email notification contains the following details:

  • Email sender. "Akamai Web Security Notifications" noreply@akamai.com

  • Subject. Contains the notification type, alert priority, and alert name.

The email body contains the following attributes:

  • Alert name. The name of the alert for reference.

  • Alert start time. The time in GMT of when the alert became active.

  • Alert clear time. The time in GMT of when the alert became inactive.

  • Alert status. The current alert status. Either Triggered, Ongoing, or Cleared.

  • Alert priority. The alert priority as you defined it.

  • Alert description. The description of the alert for reference.

  • Account name. The name of the account that created the alert.

  • Security configuration. The name of the security configuration associated with the alert.

  • A hyperlink to Web Security Analytics.. Click this link to open Web Security Analytics in the alert's context (the alert filter and time range when the alert was active are automatically applied).

Debug information details are useful when troubleshooting issues with alerts:

  • Alert ID. The unique identifier of the alert. The last number in the ID is the alert version.

  • Iteration start time. For internal use only.

  • Email deposit time. The ISO 8601 timestamp of when the email was deposited to the internal mail relay.

  • Account ID. The identifier of the account associated with the alert.

  • Security configuration ID. The identifier of the security configuration associated with the alert.

  • Contract type ID. The identifier of the contract type associated with the alert.


Did this page help you?