Configuring Email Notifications

Email notifications will inform recipients about monitored nodes being down or out of communications.

Note: Email alerts do not include issues with connectors or Collectors. However, containers may be the subject of email alerts.

Before configuring email notifications, ensure that values are specified for your SMTP settings under Administration > System Admin > System > SMTP. For more information on SMTP settings, see SMTP.

Once configured, email notifications must be configured for each of the notification rules you wish to trigger an alert.

To configure email notifications:

  1. In a text editor, open the file .../userdata/arcmc/logger.properties. (If the file does not exist, you can create it in a text editor. When creating the file, ensure that it is owned by the non-root user.)

  2. Add a new line with the new property named monitoring.notification.emails and a value equal to a comma-separated list of email addresses of all administrators you intend to receive notifications. For example, this value would send email alerts to address1@example.com and address2@example.com:

    monitoring.notification.emails=address1@example.com,
    address2@example.com

  3. Save the modified logger.properties file.

  4. Restart the ArcMC web process.

  5. In the rules editor, open the notification rule you wish to trigger an email alert, and under Notify Me, select Email.

Example Email Notification

An example of the email sent to recipients is shown here.

<URI> refers to the URI of a problematic node.

NodeN is the hostname of a problematic node.

This information is found on the Hosts tab under Node Management.

Subject: <Email title>
The following nodes are either down or not reachable from ArcSight Management Center:

//Default/<URI>/<Node1>

//Default/<URI>/<Node2>