10.1. Configuration

Configuration for an alert is built of two parts:

  1. alerting rule. This is a piece of Python code that goes into the rule processing Python hook script. See Data Processing Rules. An alert is created by calling function nw2functions.alert()
  2. notification streams. Streams are configured in the top level section alerts of the main configuration file nw2.conf.

These two parts are tied together when the call to nw2functions.alert() lists notification streams by their name in the function parameter streams.