{"id":2544,"date":"2025-07-02T12:23:35","date_gmt":"2025-07-02T12:23:35","guid":{"rendered":"https:\/\/zecurit.com\/help\/docs\/asset-manager\/asset-management\/alert-policy\/"},"modified":"2025-07-22T10:07:02","modified_gmt":"2025-07-22T10:07:02","slug":"alert-policy","status":"publish","type":"docs","link":"https:\/\/zecurit.com\/help\/asset-management\/asset-management\/alerts-compliance\/alert-policy\/","title":{"rendered":"Alert Policy"},"content":{"rendered":"\n<p>The <strong>Alert Policy<\/strong> module in <a href=\"https:\/\/zecurit.com\/\">Zecurit<\/a> enables administrators to define intelligent rules for monitoring hardware, software, licenses, certificates, security settings and system health. These policies proactively notify admins when certain conditions are met during inventory scans, helping teams detect anomalies, compliance violations and system issues in real-time.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How It Works<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Admins<\/strong> create alert policies based on predefined conditions and assign them to specific device groups.<\/li>\n\n\n\n<li>During scheduled or on-demand <strong>inventory scans<\/strong>, these conditions are evaluated.<\/li>\n\n\n\n<li>If a device within the group meets the condition, an <strong>alert is generated<\/strong>.<\/li>\n\n\n\n<li>Notifications can also be sent to the configured email addresses for prompt action.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Navigating the Alerts Module<\/h2>\n\n\n\n<p>The <strong>Alerts<\/strong> module has three tabs:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Alerts:<\/strong> View triggered alerts and their status.<\/li>\n\n\n\n<li><strong>Alert Policy:<\/strong> Create and manage alert policies (this document).<\/li>\n\n\n\n<li><strong>Associate Policy:<\/strong> Link alert policies to device groups.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Creating an Alert Policy<\/h2>\n\n\n\n<p>To create a new alert policy:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Navigate to <strong>Alerts \u2192 Alert Policy<\/strong> tab.<\/li>\n\n\n\n<li>Click <strong>Create Policy<\/strong>.<\/li>\n\n\n\n<li>Fill in the following details:<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Alert Policy Inputs<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Field<\/th><th>Description<\/th><\/tr><\/thead><tbody><tr><td><strong>Alert Policy Name<\/strong>*<\/td><td>A unique name for the alert policy.<\/td><\/tr><tr><td><strong>Description<\/strong><\/td><td>Optional context for the policy&#8217;s purpose.<\/td><\/tr><tr><td><strong>Priority<\/strong>*<\/td><td>Set the severity level: Critical, High, Medium, or Low.<\/td><\/tr><tr><td><strong>Notification Email<\/strong><\/td><td>Email address(es) to notify when the alert is triggered.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Supported Alert Types &amp; Conditions<\/h2>\n\n\n\n<p>The platform supports alert policies across various asset categories:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th><strong>Alert Type<\/strong><\/th><th><strong>Example Use Case<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Hardware Alerts<\/strong><\/td><td>Get alerted when a USB device is added to a sensitive endpoint.<\/td><\/tr><tr><td><strong>Software Alerts<\/strong><\/td><td>Alert when prohibited or unapproved software is installed on a device.<\/td><\/tr><tr><td><strong>License Alerts<\/strong><\/td><td>Notify when your antivirus license is about to expire in 10 days.<\/td><\/tr><tr><td><strong>Certificate Alerts<\/strong><\/td><td>Ensure expiring TLS certificates are renewed before service disruption.<\/td><\/tr><tr><td><strong>Disk Space Alerts<\/strong><\/td><td>Alert if any system partition drops below 10% free space.<\/td><\/tr><tr><td><strong>Security Alerts<\/strong><\/td><td>High-priority alert if an endpoint&#8217;s antivirus service is stopped or disabled.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<div class=\"wp-block-getwid-accordion has-icon-left\" data-active-element=\"none\">\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">Hardware Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<p>Trigger when hardware components are added or removed:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Audio<\/li>\n\n\n\n<li>Battery<\/li>\n\n\n\n<li>BIOS<\/li>\n\n\n\n<li>Keyboard<\/li>\n\n\n\n<li>Monitors<\/li>\n\n\n\n<li>Motherboard<\/li>\n\n\n\n<li>Pointing Devices<\/li>\n\n\n\n<li>Printers<\/li>\n\n\n\n<li>USB Controller<\/li>\n\n\n\n<li>USB Hub<\/li>\n\n\n\n<li>TPM<\/li>\n\n\n\n<li>Network Adapter<\/li>\n\n\n\n<li>Physical Memory<\/li>\n\n\n\n<li>Hard Disk<\/li>\n\n\n\n<li>Processors<\/li>\n\n\n\n<li>Video Controllers<\/li>\n<\/ul>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">Software Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<p>Monitor software installation\/uninstallation:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Software Installed<\/li>\n\n\n\n<li>Software Uninstalled<\/li>\n\n\n\n<li>Prohibited Software Detected<\/li>\n\n\n\n<li>Commercial Software Detected<\/li>\n\n\n\n<li>All Software Changes<\/li>\n\n\n\n<li>Custom Software Changes<\/li>\n<\/ul>\n\n\n\n<p>Example: Alert when prohibited or unapproved software is installed.<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">License Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<p>Stay informed about license compliance and expiry:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Software License has Expired<\/li>\n\n\n\n<li>License nearing expiration in <strong>X<\/strong> days<\/li>\n\n\n\n<li>Software Compliance Under Licensed<\/li>\n\n\n\n<li>Software Compliance Over Licensed<\/li>\n<\/ul>\n\n\n\n<p>Example: Get notified when your antivirus license is about to expire in 10 days.<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">Certificate Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<ul class=\"wp-block-list\">\n<li>Certificate Expiring in <strong>X<\/strong> days<\/li>\n\n\n\n<li>Self-signed Certificate Detected<\/li>\n\n\n\n<li>Untrusted Root Certificate Authority Detected<\/li>\n<\/ul>\n\n\n\n<p>Example: Ensure expiring TLS certificates are renewed before outage occurs.<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">Disk Space Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<ul class=\"wp-block-list\">\n<li>Overall Disk Usage Below <strong>X%<\/strong><\/li>\n\n\n\n<li>Individual Disk Usage Below <strong>X%<\/strong><\/li>\n<\/ul>\n\n\n\n<p>Example: Alert if any system partition drops below 10% free space.<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-getwid-accordion__header-wrapper\"><span class=\"wp-block-getwid-accordion__header\"><a href=\"#\"><span class=\"wp-block-getwid-accordion__header-title\">Security Alerts<\/span><span class=\"wp-block-getwid-accordion__icon is-active\"><i class=\"fas fa-plus\"><\/i><\/span><span class=\"wp-block-getwid-accordion__icon is-passive\"><i class=\"fas fa-minus\"><\/i><\/span><\/a><\/span><\/div><div class=\"wp-block-getwid-accordion__content-wrapper\"><div class=\"wp-block-getwid-accordion__content\">\n<ul class=\"wp-block-list\">\n<li>Firewall Disabled or Not Running<\/li>\n\n\n\n<li>BitLocker \/ FileVault Turned Off<\/li>\n\n\n\n<li>Antivirus\/Antimalware Service Stopped<\/li>\n<\/ul>\n\n\n\n<p>Example: Get high-priority alerts if an endpoint\u2019s antivirus stops running.<\/p>\n<\/div><\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Publishing the Policy<\/h2>\n\n\n\n<p>After configuring the conditions:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Click <strong>Publish<\/strong> to activate the policy.<\/li>\n\n\n\n<li>Or save as <strong>Draft<\/strong> if you plan to review or edit later.<\/li>\n\n\n\n<li>Click <strong>Cancel<\/strong> to discard changes.<\/li>\n<\/ul>\n\n\n\n<p>Once published, go to the <strong>Associate Policy<\/strong> tab to link this alert policy to specific device groups.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Associating Alert Policies<\/h2>\n\n\n\n<p>An alert policy has no effect until it&#8217;s <strong>associated with one or more device groups<\/strong>. To associate:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to the <strong>Associate Policy<\/strong> tab.<\/li>\n\n\n\n<li>Select the policy and choose target groups.<\/li>\n\n\n\n<li>Save your changes.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Notes<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Alert evaluation occurs during <strong>inventory scans<\/strong>.<\/li>\n\n\n\n<li>One policy can be assigned to multiple groups.<\/li>\n\n\n\n<li>Multiple policies can apply to a single group.<\/li>\n\n\n\n<li>All triggered alerts will be listed under the <strong>Alerts<\/strong> tab with full context, timestamp, and status.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Best Practices<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <strong>critical priority<\/strong> for security and license expiry issues.<\/li>\n\n\n\n<li>Group devices by function (e.g., servers, endpoints) and assign tailored alert rules.<\/li>\n\n\n\n<li>Regularly review email recipients for up-to-date notification routing.<\/li>\n\n\n\n<li>Periodically audit draft policies that haven\u2019t been published.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Next Step:<\/h2>\n\n\n\n<p><a href=\"https:\/\/zecurit.com\/help\/docs\/asset-manager\/asset-management\/alerts-compliance\/policy-association-to-groups\/\" data-type=\"link\" data-id=\"https:\/\/zecurit.com\/help\/docs\/asset-manager\/asset-management\/alerts-compliance\/policy-association-to-groups\/\">Associate this alert policy with groups to enable alert monitoring.<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"featured_media":0,"parent":2543,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-2544","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2544","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/comments?post=2544"}],"version-history":[{"count":4,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2544\/revisions"}],"predecessor-version":[{"id":2903,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2544\/revisions\/2903"}],"up":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2543"}],"wp:attachment":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/media?parent=2544"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/doc_tag?post=2544"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}