To help us become better, please login to ActivTrak

Log in

How to Create a Custom Alarm

ActivTrak alarms are extremely versatile, and make it possible to capture most, if not all relevant computer activity. The alarms themselves consist of two parts that together create an 'if : then' statement.

The first step is to create your conditions, which will equate to the activity you'd like to capture and/or terminate, this is your 'if.' Next, choose what you'd like to happen when that activity triggers your alarm. You have the option to send an email alert to yourself, capture screenshots, send a pop-up message to the user on the workstation, and terminate the application that triggered the alarm. These options are your 'then.'

*Throughout this article, we're going to be creating an alarm to capture USB insertion, and the files opened from that USB.

Let's get into how to create conditions.


CONDITIONS:


Conditions are the If part of your If:then statement where you'll create a logical statement to which the alarm will match and fire on.

Each condition will require of four parts, a field, condition, value, and case sensitive acknowledgment.

Match-type:

When creating your alarm, you have the option to choose your match-type. This means you can either have the alarm fire when all conditions are met collectively or when any one condition is met independently. 


FIELD:


The 'Field' is the section to which the alarm will look at to match your conditions. Here are the available fields and their corresponding meaning:

Computer: Monitored Workstation
Description: Meta description of the application or website.
Duration (Sec): How long the user is on that page.
Executable: The application.
IP Address: The network to which the workstation is connected.
Logon Domain: For large installations and AD connected workstations, the primary domain is where the User logs in.
Primary Domain: For large installations and AD connected workstations, the primary domain is where the computer is connected.
URL: The Website URL
User: The name of the User in ActivTrak.

Here are the fields we're using to detect a USB insert:



OPERATORS:


The operators signify how to look for the keyword within the selected field. Here are the available operators and their corresponding meaning:

Contains: Means the keyword is there somewhere.
Does not Contain: Means the keyword is not there anywhere.
Ends with: Means the keyword is the last thing in a string.
Equal to: Means it will search for the keyword exactly how it is written, and nothing else.
Not Equal to: Means the keyword does not appear in the way it is input at all.
Greater than: This operator is mainly for time on page.
Starts With: Means the keyword appears at the beginning of the string

Here are the operators we're using to detect a USB insert:



Value:


The keyword is what you're looking for to trigger the alarm. This can be the website name, username, keyword in a titlebar or description,or the time in seconds the user is on the page.

Here are the Keywords we're using to detect a USB insert:



CASE SENSITIVE:


Only check this box if you want the keyword to be applied exactly how it's input in regards to the capitalization of the letters.

For our USB alarm, we do not have any case-sensitive keywords, so this is what our 'Case Sensitive' checkboxes look like:


Now that we've input each field for our conditions, let's see what they look like as a whole.

Here are all of our created conditions to have the alarm trigger on a USB insertion:


ACTIONS:


Actions are the 'then' in your if:then statement. When alarm conditions are met, you select the actions you'd like to happen here in the actions section. Here are the available actions and their corresponding meaning:

Screenshots:

Selecting this option tells ActivTrak to take a Screenshot when the alarm is triggered.

Pop-up Message:

Selecting this option tells ActivTrak to send a custom pop-up message to the monitored workstation when the alarm is triggered.


Email Alert:

Selecting this option tells ActivTrak to send you an email notification when the alarm is triggered.


Terminate:

Selecting this option tells ActivTrak to terminate the application that triggered the alarm.

After you've input all of your conditions and selected your post-trigger actions, be sure you've selected' Activate Alarm on the checkbox at the top of the page. 

*Note: The USB Alarm has not been tested on recent operating systems.

 

Was this article helpful?
1 out of 1 found this helpful

Brandon Hill
Brandon HillFollow
Comments