You may have already noticed the new Triggers section in the Wallarm Console and may have already configured several triggers. Let's take a deeper look into what triggers are and how you can use them.
Triggers allow you to set up an automatic reaction of the system to an event. Each trigger consists of a trigger condition and an action to be executed.
In the first version, we taught Triggers to analyze attacks, incidents, and user creations and programmed them to send you notifications. For example:
- If more than 100 attacks have been performed on your application in the last minute, then Sumo Logic will instantly receive a notification about the attack that has begun
- If someone created a new user as the Administrator Role within the Wallarm Console, then a message about the new user would be sent to the Slack channel.
But that's not all - we have big plans for the development of triggers. The set of conditions and reactions will continuously expand. You can already configure automatic sending of IP addresses to the blacklist when the threshold of attack vectors is exceeded. In the coming month, triggers will be able to configure protection against brute-force attacks.
You can find detailed instructions on working with Triggers in our documentation.
Do you have any questions or ideas for product development? Tell us!