This article was originally published on the Border0.com Blog here.
Are you tired of constantly refreshing your monitoring and log dashboards to keep tabs on your infrastructure? Do you sometimes feel like you need a sixth sense to catch those pesky login and audit events before they cause trouble? Time to solve that! 🚀
In today’s fast-paced world, keeping an eye on your infrastructure is crucial. As your business and infrastructure grows it’s becoming increasingly challenging to monitor everything manually. That’s why we’ve added support for notifications in Border0. With notifications, you’ll be instantly notified of any new login or audit event by email or Slack, enabling you to stay alert and secure.
Check out the demo in this video
Event types
As an administrator, you can configure what types of events you’d like to be notified for. This ensures that you, as the Border0 administrator, only receive notifications for the events that matter to you. Today, we support two types of events that can trigger notifications.
Session Events:
The first type is session events. When a user accesses on of your services (sockets) through Border0, the Border0 systems logs the event and evaluates the access policies that protect access to the resource. If the access attempt matches a policy, Border0 allows the user to access the service. With notifications support, you can now receive instant notifications when a new session event occurs, giving you instant visibility into who is accessing your services and when. In other words, we’ll notify you whenever someone accesses your SSH, Database or HTTP services.
Audit Events:
Border0 logs all system audit events, which include any event that changes the state of your Border0 configuration. Examples of system audit events include creating new sockets (services), creating new users, updating sockets, creating new tokens, tunnel events, and more. With notifications support, you can now receive instant notifications when a new audit event occurs, ensuring you’re always up-to-date with any changes in your Border0 configuration.
Notification types and Examples
To make it easy for you to receive notifications, Border0 supports two notification types: email and webhook. Webhook notifications can be used to send messages to Slack, one of the most popular messaging tools in use today. Or, to integrate with log collectors or No-code platforms.
The image below shows an example of how to configure an email notification rule in Border0. This notification rule will send an email to listed recipients each time a user logs into any of your services. The example emails show the result of a failed login attempt. To make it easy for administrators to understand why access was denied (or allowed), it includes the policy evaluation results. Now you immediately know what happened and why access was denied.
Left: Email notification rule configuration. Right: Example email for a failed login attempt
Slack notification
Slack is one of the most popular messaging tools in use today, sending messages to slack is just a webhook, ie. an HTTP Post message. See our documentation page for detailed instructions on how to set up slack. After that you’ll see messages like this for the events you’ve configured in your notification settings.
Example Slack notification. Including the policy evaluation results.
Wrap up
In this blog post, we introduced Notifications support in Border0. With notifications, you will be immediately notified when someone logs into any of your servers or for any audit events.
Using webhook notification rules, you can now send these Border0 events and integrate them into any other existing tools you already use, for example, your favorite chat tool like Slack or Teams, a no-code service, AWS lambda’s, or straight into your SIEM.
We hope you’re as excited about the launch of notifications support in Border0 as we are, and we’re excited to see what you’ll use it for. Notifications support is just one of the many features that Border0 offers to help you manage and secure your infrastructure. To learn more about setting up notifications in Border0, please refer to our documentation page. If you have any questions or feedback, please don’t hesitate to reach out to our support team.
Notifications are part of the free community version of Border0, so to give it a spin, Join the Border0 community, and try out our fully featured free community edition.
Top comments (0)