This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2013-01-21 04:37 AM

Create alert within working time

I would like to monitor our system with condition:

If there are no authentication log (success or fail) in working time (<7h and >19h) => alert

I try to create filter but it not allow to set filter with "event time" like this.

How can I create alert with this condition?

0 Likes
Reply
1 Reply
RSAAdmin
Beginner
Beginner
‎2013-01-22 11:07 AM

Currently, RSA enVision does not have capability to do this. But there is a workaround.

 

You can create a normal rule, create a new view with the rules you want during the time frame as mentioned.

 

Start the view at 7h and stop the view at 19h. This can be achieved with the scheduled tasks. There are commands to start and stop view using scripts (I could not find at this moment) which you can use.

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.