+1Hello everyone, my question is the one mentioned in the title.
I know that it is possible to create Jobs that can monitor if any of the connectors present errors when ingesting alerts.
But I can't find a way (if there is one) to send these alerts by email so that action can be taken in the case of data loss as soon as possible.
+10You can configure the e-mail to send these notifications to in the integration parameters for the "Siemplify" integration.
+1I have it as you indicate, but even though the connector is on fault the Job indicates that no faults are found on the connectors.
+12You could write a job that will:
For each instance of a connector
scrape python logs, then loop for errors
https://cloud.google.com/chronicle/docs/soar/admin-tasks/advanced/retrieve-raw-python-logs
You might need to consider if you are looking for 401, 403, 429, 500, network timeout/DNS, and non-parsable results, etc
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.