How to create a rule to alert when the SEM appliance stops receiving logs? If this specific rule is not possible, how about a rule that alerts on a total number of logs received within a time period (i.e. 5 or less logs in 15 minutes?)

How to create a rule to alert when the SEM appliance stops receiving logs? If this specific rule is not possible, how about a rule that alerts on a total number of logs received within a time period (i.e. 5 or less logs in 15 minutes?)

Thank you

Find more posts tagged with

sem agent

sem_alerts

sem

Accepted answers

All comments

This isn't a current feature of SEM.
There's a Feature Request that can be voted up for it (if you're talking about receiving syslog):
thwack.solarwinds.com/.../receive-an-alert-when-no-syslog-events-in-a-period-of-time

Quick Links