Oct 23 2019
12:42 AM
- last edited on
Dec 23 2021
04:50 AM
by
TechCommunityAP
Oct 23 2019
12:42 AM
- last edited on
Dec 23 2021
04:50 AM
by
TechCommunityAP
Hi Team,
I have started using data connectors in sentinel. I want know, is there any way to log an alert/incident or notification. when any of the active data connectors stopped polling the logs for some reason.
Oct 23 2019 02:14 AM
Please see https://techcommunity.microsoft.com/t5/Azure-Sentinel/list-of-reporting-sourcetypes/m-p/906926 for an example query (adjust time window to suit, as 24hrs maybe too long for your use case), you can add that as an Alert or use it from Azure Monitor Alerts.
Thanks Clive