How to set an alert for unauthorized ClearPass login
As a network administrator, how do i set alerts for a unauthorized access to ClearPass server (via SMS or Mail) ?
A network admin would want to know, if someone unauthorized is trying to access the ClearPass server. The solution below explains, how a SMS/Mail alert can be set on ClearPass server for the same.
Manual to way for a admin to check ClearPass login is via Event Viewer. Here the Alert level is WARN for a invalid login.
However for an automatic alert, we need to take following steps:
- In order to send alerts via Mail, we need to configure SMTP server on ClearPass
2. In order to send alerts via SMS we need to configure SMS gateway
3. Now once the Mail and SMS config is done, we need to set Alerts. For that we need to navigate to CPPM > Administration > Server Manager > Server Configuration > Cluster-Wide Parameters > Notifications
4. Here the system alert level is set to WARN (same for a Invalid login attempt) to capture unauthorized ClearPass login attempts.