Hello everyone, my question is the one mentioned in the title.
I know that it is possible to create Jobs that can monitor if any of the connectors present errors when ingesting alerts.
But I can't find a way (if there is one) to send these alerts by email so that action can be taken in the case of data loss as soon as possible.
You can configure the e-mail to send these notifications to in the integration parameters for the "Siemplify" integration.
I have it as you indicate, but even though the connector is on fault the Job indicates that no faults are found on the connectors.
You could write a job that will:
For each instance of a connector
scrape python logs, then loop for errors
https://cloud.google.com/chronicle/docs/soar/admin-tasks/advanced/retrieve-raw-python-logs
You might need to consider if you are looking for 401, 403, 429, 500, network timeout/DNS, and non-parsable results, etc
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.