Data Security Center (DSC) can send real-time notifications for data audit alerts, log capacity alerts, and abnormal AccessKey pair-based access alerts to specified email addresses. This allows you to handle exceptions at the earliest opportunity and ensures business continuity. This topic describes how to configure email and text message alert notifications.
Procedure
Log on to the DSC console.
In the left-side navigation pane, choose
.On the Alert Notification tab, click Create Alert Configuration.
In the Create Alert Rule panel, configure the parameters and click OK.
Parameter
Description
Alert Method
Select an alert notification method. Valid values include Mailbox and Text Message.
Email address verification
If you set the Alert Method parameter to Mailbox, you must complete Email address verification.
If you set the Alert Method parameter to Text Message, you must complete mobile number verification.
To prevent alert notifications from being sent to an unauthorized email address or mobile phone number, you must enter a verification code to verify the ownership of the email address or mobile phone number before you add the email address or mobile phone number to the recipient list. Verified email addresses or mobile phone numbers are automatically added to the recipient list. To complete the verification, perform the following steps:
In the Email address verification or Mobile Number Verification field, enter an email address or a mobile phone number and click Get Verification Code.
Enter the verification code in the Get Verification Code field and click Verification.
Mobile Number Verification
Recipients
Select the email address or mobile phone number of the alert recipient.
Alert Configurations
Select the alert type for which notifications are sent, and configure the severity or alert threshold. You can select multiple severities at a time. Valid values:
Audit Alerts: Notification emails are sent when an audit alert is triggered and the selected severities are matched based on the audit rules that you configure.
Storage alerts: Notification emails are sent when the used log storage capacity exceeds the specified alert threshold.
Unusual AccessKey Pair Usage: Notifications are sent by using the specified notification method to alert recipients when the data detection and response feature detects unhandled abnormal AccessKey pair-based access events. Only the email notification method is supported.
Maximum Alerts
Specify the maximum number of notifications that can be sent for the alerts triggered by a single rule within 24 hours.
Valid values: 0 to 10. Default value: 10. The accumulated number of notifications is cleared at 00:00 each day. If you set the parameter to 0, no alert notification is sent.
References
For more information about how to configure and use audit alert rules, see Audit alerts.
For more information about how to manage the storage of data audit logs, see Manage log storage.
For more information about how to use the data detection and response feature, see Overview.