AnsweredAssumed Answered

Lost Logs or Events

Question asked by Renato Goncalves on Feb 6, 2019
Latest reply on Feb 11, 2019 by Renato Goncalves

I need a rule ( ESA rule ) or anything that can do the trick to monitor if an event stopped sending logs.

 

Yesterday Apache, and the Firewall stopped sending events and logs for 3 hours and we did not noticed, because no alert was triggered.

 

Is there a way to monitor that by an alert or something like it? I could create a dashboard ( which we already have ) or open the alarns in the Event Source but if we are occupied analysing an incident or doing something else we cannot tell whats going one, like yesterday...

Outcomes