Re: [ossec-list] eventchannel Applications and Services Logs monitoring

2015-12-24 Thread o . verbniak
Santiago, thanks for your help!

On Wednesday, December 23, 2015 at 20:26:03 UTC+2, Santiago Bassett wrote:
> Hi,
>
> Windows informational event rule has level "0", meaning that an alert won't be generated, unless you take down the alert level threshold (log_alert_level, set to "1"

Re: [ossec-list] eventchannel Applications and Services Logs monitoring

2015-12-23 Thread Santiago Bassett
Hi, Windows informational event rule has level "0", meaning that an alert won't be generated, unless you take down the alert level threshold (log_alert_level, set to "1" by default). My advice is to create a new rule instead just for events with ID "2005" in order to trigger an alert. I guess

[ossec-list] eventchannel Applications and Services Logs monitoring

2015-12-23 Thread o . verbniak
Hi. I would like to monitor channel called "*Microsoft-Windows-Windows Firewall With Advanced Security/Firewall*". For this I added the following lines into shared/agent.conf file into Windows agent tag *: Microsoft-Windows-Windows Firewall With Advanced Security/Firewall