Email-Based Monitoring

Email-based monitoring is a KeySafe 5 feature that sends email notifications when specific events occur in the system. This capability helps administrators track important events and remain aware of potential HSM issues.

KeySafe 5 supports unauthenticated email-based monitoring, meaning it does not require credentials to send email notifications. Ensure that your email server allows unauthenticated email submissions from the KeySafe 5 server IP address.

Configure Unauthenticated Email-Based Monitoring

To configure email-based monitoring, complete the following steps:

  1. Open the config.yaml file in the appropriate location for your operating system.

    • Windows: C:\ProgramData\nCipher\keysafe5\server\config\config.yaml

    • Linux: /opt/nfast/keysafe5/server/config/config.yaml

  2. Scroll to the end of the file or search for the string "monitoring".

  3. Edit the following fields to specify the email server and sender address. Ensure that you include a space after each colon.

    • email_smarthost:

    • email_from:

  4. Save the file.

  5. Restart the KeySafe 5 service to apply the changes.

Optional: If you want alert emails to include a direct link back to the KeySafe 5 WebUI, edit the section labeled Address of the host you want the email to link to and specify the appropriate host address.

Example Configuration for an SMTP Server

The following example shows how to configure an SMTP server for sending alert notifications:

# SMTP server used for sending alert notifications.
# Example: smtp.example.com:465
email_smarthost: svcamrelay2.ncipher.com:25

# Sender address used in alert notification emails.
email_from: noreply@entrust.com

# Address of the host you want the email to link to.
# Example: https://127.0.0.1:18080
host_address: https://127.0.0.1:18080