May 30 2019
- last edited on
Apr 07 2022
I would like to create an Alert that fires when someone requests "Just in time VM access". I can use the query below to surface these events in Logs but not sure how to turn that into and Alert. I have searched though the Alert signals and am unable to find one that maps to this:
May 30 2019 06:43 AM
Just press the "add alert" button. Also create an Action Group with a email entry - if you want an email?
May 31 2019 03:20 AM
This solution did work but the notifications were way delayed. Unfortunately this is an inherit "feature" of Logs where the data coming in is delayed from the event that generated the entries. Hopefully this will improve over time.