Limiting the number of alerts?
So I have an alert set up to notify me if there are 5 denied attempts through the firewall (log coming from syslog) in a 5 minute span. However if a device goes haywire, tries to connect through the firewall 4 times every second, I'm still gonna get 10,000 messages in like a half hour (message 5 comes in, has it been less than 5 minutes? send! message 6 comes in, has it been less than 5 minutes? send! ...)
So how are other folks dealing with this? When they'd prefer to see the same alert email only generated once every 5 minutes for example? Lemme guess? Firewall Analyzer? Alerting from the firewall itself?
So how are other folks dealing with this? When they'd prefer to see the same alert email only generated once every 5 minutes for example? Lemme guess? Firewall Analyzer? Alerting from the firewall itself?
Topic Participants
eventlog_support
New to M365 Manager Plus?
New to M365 Manager Plus?
New to RecoveryManager Plus?
New to RecoveryManager Plus?
New to Exchange Reporter Plus?
New to Exchange Reporter Plus?
New to SharePoint Manager Plus?
New to SharePoint Manager Plus?
New to ADManager Plus?