Security Duty Templates
From GridPP Wiki
Revision as of 16:05, 21 January 2014 by Ian collier (Talk | contribs)
Dashboard checking e-mail examples
Security Monitoring - Pakiti Problem at <site> <CVE-yyyy-nnnn> Send to csirt e-mail from appropriate site. (CC UKNGI-Security AT jiscmail.ac.uk ) Dear Security Contacts for <site>, According to our monitoring there is a Pakiti Monitoring alert for one or more Worker nodes at your site <site>. Your site reports <CVE-yyyy-nnnn> <any more details as appropriate> The latest result was reported by the node <Node-name> (nnn.nnn.nnn.nnn) at dd/mm/yyyy hh:mm <modfiy as appropriate to particular alert> You should be able to view information on your site via the EGI Security dashboard: https://operations-portal.egi.eu/csiDashboard Please take a look and take corrective action if necessary. If you think our monitoring has produced a false positive, or your site is behaving as intended please let us know. Thank you, <Name>
Security Monitoring - NAGIOS Problem at <site> Send to csirt e-mail from appropriate site. (CC UKNGI-Security AT jiscmail.ac.uk ) Dear Security Contacts for <site>, According to our monitoring there is a Nagios alert for one or more Worker nodes at your site <site>. Your site reports <xxxx>, which is <yyyy> <any more details as appropriate> The latest result was reported by the node <Node-name> (nnn.nnn.nnn.nnn) at dd/mm/yyyy hh:mm <modfiy as appropriate to particular alert> You should be able to view information on your site via the EGI Security dashboard: https://operations-portal.egi.eu/csiDashboard Please take a look and take corrective action if necessary. If you think our monitoring has produced a false positive, or your site is behaving as intended please let us know. Thank you, <Name>
Security Monitoring - NAGIOS Problem at <site> Send to csirt e-mail from appropriate site. (CC UKNGI-Security AT jiscmail.ac.uk ) Dear Security Contacts for <site>, According to our monitoring there is a Nagios alert on one or more Worker nodes at your site <site>. Your site reports WN-Permissions-ops, which is indicates that a file has world write permission. The latest result was reported by the node <Node-name> (nnn.nnn.nnn.nnn) at <date and time> You should be able to view information on your site via the EGI Security dashboard: https://operations-portal.egi.eu/csiDashboard You should be able to view information on your site via the EGI Security dashboard: https://operations-portal.egi.eu/csiDashboard Please take a look and take corrective action if necessary. If you think our monitoring has produced a false positive, or your site is behaving as intended please let us know. If you think the file should be world writable, please let us know why it is not a problem. Thank you, <Name>