Over the past several weeks we have had two instances in which our appliance stopped collecting logs from all systems. However, as the appliance was still up and running, we had no idea that this was happening. While reboots of the appliance fixed the issue both times, we have since upgraded to the latest version and are hoping this permanently resolves the issue. That being said, I'm wondering if there is some rule/alert that can be set up to notify us if the number of events collected over a certain time period drops below a certain threshold? Thanks.
↧