When the number of events exceeds the maximum quota for the account, Cato generates an email alert.
The following screenshot shows a sample alert of events quota exceeded message for Internet firewall events:
Cato generates the Events Quota Exceeded alert when the number of events for a specific event type exceeds the maximum limits for events per hour. For more information about the event limits, see Cato Cloud Thresholds and Limits.
You can identify the WAN or Internet rule that is generating the large number of events and then disable the Track > Event option.
To identify the firewall rule and disable the track events option:
- Open the Cato Management Application and go to Monitoring > Events.
- Expand the Rule field under the Fields section.
- Locate the firewall rule that generates the large number of events.
The following screenshot shows an example of a firewall rule (Allow all outbound) that generated 5.6 million events:
4. Go to Security > WAN or Internet Firewall, locate the rule (from the previous step) and edit the Track settings.
5. Disable the Event option for this rule.
6. Click Apply and then click Save.
Please sign in to leave a comment.