Configurations Supporting Alert Responses

After you create an alert response, you can use it to send the following external alerts from the Cisco Defense Orchestrator.

| Alert/Event Type | For More Information |
| --- | --- |
| Intrusion events, by impact flag | Configuring Impact Flag Alerting |
| Discovery events, by type | Configuring Discovery Event Alerting |
| Malware and retrospective malware events detected by AMP for Networks ("network-based") | Configuring AMP for Networks Alerting |
| Correlation events, by correlation policy violation | Adding Responses to Rules and Allow Lists |
| Connection events, by the logging rule or default action (email alerts not supported) | Other Connections You Can Log |
| Health events, by health module and severity level | Creating Health Monitor Alerts |