Hi everyone,
can someone please help me write rule for below scenario?
if any logsource is not streaming to chronicle SIEM in last 24 hours, it should trigger an alert.
your assistance would be greatly appreciated.
Many Thanks
Emmie
Page 1 / 1
Hey Emmie,
Ingestion related alerting is done from the Google Cloud console using Cloud Monitoring. More info can be found here at Set up ingestion notification for health metrics.
Hey Emmie,
Ingestion related alerting is done from the Google Cloud console using Cloud Monitoring. More info can be found here at Set up ingestion notification for health metrics.
+1 to @malvarez12 comment. Rules create alerts on current ingested data. For ingestion data gaps, please use Cloud Metrics.
Hey Emmie,
Ingestion related alerting is done from the Google Cloud console using Cloud Monitoring. More info can be found here at Set up ingestion notification for health metrics.
Thanks @malvarez12
+1 to @malvarez12 comment. Rules create alerts on current ingested data. For ingestion data gaps, please use Cloud Metrics.
Thanks @Rene_Figueroa
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.