Authenticated email alerts are the most popular Notification Method used in Event Log Management and Window Server Monitoring. This mainstay option provides the system management information with the speed and reliability Administrators depend on.
Listed below is a description of the configurations and settings used in the Mail Notification Method available in ELM Enterprise Manager 7.0. It describes the data required to support authenticated email for both onsite and hosted mail services. In addition, testing and verification options are presented.
Products Affected
ELM Enterprise Manager 7.0
Configuring Authenticated eMail Notifications
From the ELM Console, expand the ELM Server, then Viewing and Notifying, and finally the Filters and Methods Library.
- For updating an existing Mail Notification, select it from the list in the results pane and double-click to open the Properties.
- For a new Mail Notification, right-click on All Notification Methods and from the context menu select New/Notification Method. This will open the Notification Method Wizard. Activate Next on the introduction page and select Mail Notification from the drop down options. After selecting Next, the first configuration page with the Properties will appear.
Both options will present a page with the following fields:
SMTP Server
Provide the name of the SMTP Server.
From Field
Some, if not all, mail services required an email formatted address in the From field. These addresses are not validated and provide an opportunity to be creative with the sender identity.
In the example above, the event variable %computer% is used for the mailbox name (local-part). This identifies the sender as the system where the event log entry was written. Alternately, %eventid%, %type% or simply “ELM” can be used.
Unfortunately, this field is overwritten when authentication is used. The customized From address will be replaced with the user account email address.
Maximum Message Length
Maximum Message Length provides a method of limiting the size of the email message. The default value is large enough to capture all known Windows events, but maybe too long for mobile devices.
Priority
The Priority drop-down box provides the option for assigning the alerts as High, Normal and Low importance. For the High or Low Priority (Importance) settings, an icon appears in the designated column in the Inbox. It can be used to evaluate the urgency of the alert. In addition, sorting the column by Priority will arrange the most important notification at the top of the list.
Transport Layer Security (TLS)
Selecting the TLS option assigns the encrypting protocol to the authenticated email. This is a requirement of many mail systems. Without it, the email notification will fail.
TSL Port
The most commonly used Port for TLS communication is 587. The port must be manually entered in the field to override the default (SMTP) Port 25.
Authentication Selection
Provide a user account email address and password to gain SMTP Server access.
To Field
To view the To Field, either select Next in the Wizard or the Mail Message tab in the Notification Properties. This field supports a single email address, semicolon delimited email addresses and distribution groups.
Mail Configuration Testing
ELM offers a real-time test feature for mail notifications. It confirms all of the configurations are valid and the alert was processed. From the eMail Alert Properties, select the Mail Message tab. In the bottom right corner is a Test button. This button is also found on the “Enter the Mail Message Settings” page of the Mail Notification Wizard.
To confirm the accuracy of the SMTP configurations, execute the Test Button.
-
- Successful Mail Notification Test
The successful processing of the email alert is confirmed in a popup dialog box. It also provides an option to review the SMTP report.
A test email is sent to the address(es) listed in the To Field. It is delivered with sample variables inserted into the message text.
-
- Failed Mail Delivery Test
- SMTP Configurations
- Failed Mail Delivery Test
When the SMTP settings are incomplete or inaccurate, the email will be rejected. In this case, the SMTP failure report is displayed.
-
-
- Invalid Recipient eMail Address
-
If the confirmation test email is not received, an invalid email address may have been added to the To Field. The SMTP Server often alerts the user account that the email was Undeliverable.
Mail Alert Verification
For direct confirmation of a Mail Notification Method success, assign it to an active View and monitor the target Inbox. One option is to use the Point to Point Verification-Correlation View. It will trigger a Match Found Notification every 10 minutes for each Agent (at default settings).
To use this method, select the Views/Correlation/Matching tabs of the configured Mail Notification in either the New Notification Wizard or Notification Properties. Then, check the Point to Point Verification View. This will trigger the mail notification every time the consecutive heartbeat events are written, collected, stored, and displayed in a View.
After assigning the mail alert, go to the Inbox of the email address listed in the To Field and wait for the email to arrive. Once the notification is confirmed, return to the Views/Correlation/Matching tabs of the Mail Notification and uncheck the Point to Point Verification View.
If the email fails as a result of a SMTP error, ELM will write an Error event to the Application Log of the ELM Server system. The event includes the following parameters:
-
-
- Source: EEMSVR
- Event ID:5403
-
An Include Filter is been built with these parameters and assigned to the ELM Dashboard Status High-Event View. As a result, if a Mail Notification Method fails because of an SMTP error, the Status of the ELM Server system in the ELM Dashboard will be updated with Red Diamond and a Priority 8 status. This notification option provides active monitoring for failed email alerts.
If the authenticated email fails as a result of an error in the To Field address, an Undeliverable message is usually sent by the SMTP Server to the user account email address.