Forum Discussion
Solved
Sentinel alert threshold
Hi everyone, Looking into creating an alert. For example lets say in syslog a switch/server fails and it generates entries in the syslog table that there is an issue. Let's say it create 1000 cou...
Hello idontknowanything ,
When you create an Analytics rule, under "Set rule logic" you have the following setting:
Hi mikhailf,
Is it true that the Threshold in the detection rule has been removed? I no longer see this option in the rules when I want to edit them. In the "Set rule logic" tab, the Threshold option has disappeared.
Is it true that the Threshold in the detection rule has been removed? I no longer see this option in the rules when I want to edit them. In the "Set rule logic" tab, the Threshold option has disappeared.
Hello esschotenw,
It is available for Scheduled queries. However, I do not see it for NRT rules. Please, check if you are trying to edit an NRT rule.
- Since yesterday, the Threshold option is available again. Maybe temporarily deleted/hidden?
Thanks!