Emails and Alert Configuration

To help you manage important events in your account, the Aviatrix Controller sends alert emails for events such as:

  • Tunnel status change

  • Gateway status change

  • Account information changes

  • Other critical events, such as a full disk

By default, alert emails are sent to the administrator of the Controller. Aviatrix strongly recommends that you use an email alias to notify a group of people rather then using an individual email address. If only one person receives the notifications, important alerts could be missed. To change the default email for alert notifications, see the section below.

  • By default, the source email address is no-reply@aviatrix.com.

  • By default, the SMTP service is provided by a third-party, Sendgrid. Even though Aviatrix implements third-party risk monitoring, we are not responsible for Sendgrid controls. Aviatrix recommends that you configure your own SMTP service.

Changing the Email Recipients of Alert Email Notifications

When you launch your Aviatrix Controller for the first time or log in after an upgrade, please provide the addresses for at least four new email accounts or email aliases that can receive important notification emails.

  1. Go to Settings > Controller > select the Email tab.

  2. Use the four fields on the page to enter the new email addresses or aliases of team members who should receive these emails:

    image::controller/email-notifications-page.png

  1. Click Save to save your changes.

Managing Alert Bell Notifications

The Alert Bell is in the top right of your Controller. This Bell provides notifications about the following features:

By default, Alert Bell notifications are enabled for the following features:

  1. Overlapped CIDR Check - Alert when BGP routes overlap in Site2Cloud.

  2. Guard Duty Check - Alert gets logged as Alert Bell notification and blocks malicious IP addresses when offending IPs are detected by Guard Duty.

  3. Log Service Check - This alarm generates a warning as a Alert Bell notification for remote syslog server down event.

  4. Reach of Route Limit Check - Alert when VPC and BGP route limits reach a threshold.

  5. Blackhole Route Entry Check - Alert when VPC route table has inactive routes.

    image::controller/alert-bell-notify.png

To enable or disable Alert Bell settings, in your Controller navigate to Settings > Controller > Alert Bell page, click the toggles (Enabled/Disabled), and then click Save.

Clearing Alert Bell Notifications

Alert Bell Notifications are cleared as follows, depending on their type:

  • System — System-type bell notifications are persisted in the Controller Database. You can manually clear the notifications by clicking CLEAR ALL in the notification dialog.

  • Activity — Activity-type bell notifications are user-session based and are automatically cleared out when you log out of Controller. You can manually clear the notifications during your session by clicking CLEAR ALL in the notification dialog.

Changing the Email Notification Source (AWS)

The following example uses Amazon Simple Email Service (SES): Note that newly created SES accounts are placed in an "AWS SES Sandbox" and will not be able to send emails to unverified domains/addresses until they have been removed from the Sandbox: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/request-production-access.html

Create SMTP Credentials:

  1. Log into the AWS Console.

  2. Click SES Email Service.

  3. Click SMTP Settings.

  4. Click Create My SMTP Credentials.

image::controller/aws-ses.png

  1. Click Download Credentials.

Download these credentials now, as this password will not display again.

Verify an Email Address: 1. Log into the Amazon SES Console > SESHome > IdentityManagement > EmailAddresses. 2. Click Verify a New Email Address. 3. In Verify a New Email Address, enter an email address you want to send messages from. Note this must be a valid email address.

image::controller/aws-verify-email.png

  1. You will receive a verification email from AWS SES asking you to confirm that you are the owner of the email address. Click the verification link in the message.

Configure the Aviatrix Controller to use AWS SMTP email server: 1. SMTP Server: email-smtp.us-east-1.amazonaws.com <note that this value is regional and may differ based on the region of your verified address(es). You can confirm this from AWS Console > Services > SES > SMTP Settings > Server Name> 2. Port: 587 3. Sender Email: <From Step 2: your verified email> 4. Sender Login: <From Step 1e: your SMTP Username> 5. Sender Password: <From step 1e: your SMTP Password> 6. Test Email: <From Step 2: your verified email> 7. Protocol: TLS 8. Click Save.

Disabling Exception Notification Emails to Aviatrix

Use the Software exception notification option to disable exception emails send to Aviatrix. To disable these notifications, go to Settings > Controller > Email, scroll down to find the software exception field, and click Disable.

Overlapping Alert Email

Aviatrix, by default, will alert you via email if you add a spoke that overlaps with your on-premises network (or, if you start advertising a network from on-premises that overlaps with a spoke). However, there are some cases where you expect overlaps and the alert emails are not helpful. For these cases, you can disable the overlap-checking email configuration.

To disable the overlap-checking email configuration:

  1. In Controller, go to MULTI-CLOUD TRANSIT > BGP > Configuration tab. > BGP Overlapping Alert Email.

  2. For BGP Overlapping Alert Email, toggle the switch to Disabled.

    Emails will no longer be sent when overlaps are detected.