Absent Member.
Absent Member.
261 views

Device Not sending logs

Hello All,

Trying to write a rule to alert, if any of the event sources (windows, unix, network etc) have stop sending logs for 6hrs.

Could find any default rule. Can anybody please help?

Regards,

Amjad.

Labels (2)
0 Likes
2 Replies
Absent Member.
Absent Member.

Hi Amjad. If you are running ESM 5.2 or above you might try installing the ArcSight System Monitoring package. It has a dashboard that reports connectors in various states. You might be able to tweak the rules to get them to fire according to your criteria or use them as a basis for writing your own.

You can read more about the package and download it here.

0 Likes
Fleet Admiral
Fleet Admiral

Hi Amjad,

Other options are like:

How to set the Time parameters for ur each device categories, refer the snaps on the below link.

https://protect724.hp.com/message/18117#18117

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.