Hi all, we are trying to build an alert when chronicle siem ingestion would drop by 20% for a certain type of logs within an hour, does anyone have experience with something like this?
How to build an alert when chronicle siem ingestion?
+1
Hi Pete, if you migrated to Bring Your Own Project preview then you can use GCP Cloud Monitoring, which can create percentage based deviation alerting - see the blog written by one of our team members - https://medium.com/@thatsiemguy/chronicle-forwarder-telemetry-via-google-cloud-monitoring-39ccb32b3853
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.