Protocols (Regular Profile) : Managing Audit, Shadowing and Alerts for Protocols : Auditing, Shadowing and Alerts Management Tasks : Enabling alerts
  
Enabling alerts
You can enable alerts that are sent when a specific user attempts to access a specific protocol.
DeviceLock sends alerts on the basis of alert settings. These settings specify where and how the alerts should be sent. Before enabling alerts for specific events, you must configure alert settings in Service Options (see Alerts).
Alerts for specific access-related events are enabled in the Auditing, Shadowing & Alerts dialog box. Enabling alerts is similar to defining audit rules (see Defining and editing audit and shadowing rules), and includes the following basic steps:
Specify which events will trigger alert notifications. You can enable notification of successful and/ or failed attempts to access a protocol. Select the Alert Allowed check box to enable notification of successful attempts to access a protocol. Select the Alert Denied check box to enable notification of failed attempts to access a protocol.
Specify users and/or groups whose actions will trigger alert notifications. To do so, in the upper-left pane of the dialog box, under Users, click Add. In the Select Users or Groups dialog box, in the Enter the object names to select box, type the name of the user or group, and then click OK.
Specify which user’s actions on protocols either will or will not trigger alert notifications. In the upper-left pane of the dialog box, under Users, select the user or group that you added. In the lower-left pane of the dialog box, under User’s Rights, select either Allow or Deny to directly allow or deny an alert right. Alert rights determine which user actions on protocols trigger alert notifications. Alert rights are identical to audit rights. The only difference is that when events matching specific criteria occur DeviceLock triggers alerts instead of logging these events in the Audit Log. For details on Audit rights for protocols, see Audit and Shadowing Rights.
Specify days and hours (for example, from 7 AM to 5 PM Monday through Friday) when the selected user’s actions on protocols either will or will not trigger alert notifications. To do so, in the right pane of the dialog box, use the left mouse button to select days and hours when the selected user’s actions on protocols will trigger alert notifications. Use the right mouse button to mark days and hours when the selected user’s actions on protocols will not trigger alert notifications.
 
Note: You can enable different online vs. offline protocol-specific alerts. Online alerts (Regular Profile) are generated when client computers are working online. Offline alerts (Offline Profile) are generated when client computers are working offline. By default, DeviceLock works in offline mode when the network cable is not connected to the client computer. For detailed information on DeviceLock offline policies, see DeviceLock Security Policies (Offline Profile). For information about how to enable offline alerts, see Managing Offline Audit, Shadowing and Alerts for Protocols.