Alert

Energy Logserver allows you to create and save alert rules that continuously monitor the behavior of collected events. The alarm module allows you to react to search messages, missing messages, data increases, the emergence of a new value in the field and the situations of many other alarm scenarios. All Alerts results will be stored inside Energy Logserver providing the ability to perform further analytics, external system integrations, initiate email notyfications. Once Alert result is stored we can plot a dashboard for SOC presenting all discovered incidents.

Energy Logserver can gather data like:

  • 100% IT logs
  • network information based on Netflow, sFlow, etc.
  • Network safety analytics thanks to integration with tools like Flowmon ADS
  • Infrastructure performance by readings data from system monitoring, like OP5 Monitor
  • Microservices information and data
  • Cloud like OpenStack, Azure, Vm, CPE

We know everything what is happening in IT environment!

Using different alerting rules, we can easily react on situations regarding security or performance.

Password forcing detection, new software installation, excessive usage of network ports, errors in applications logs. All of that and more are not just centralizing logs. There are many ways we can react on information like those, but we can - thanks to alerting module.

Rules

  • Any – detecting any value from data logs. For example specific EventID.
  • Blacklist – alerting when value from blacklists appear in logs.
  • Whiltelist – alerting when value from whitelist is missing in logs.
  • Change – looking for a change in one field regarding other, for example change in IP, when login stays the same.
  • Frequency – calculating number of events and informing if its above threshold
  • Spike – detecting sudden spike in data income
  • Flatline – alerting when data goes below threshold
  • New Term – looking for new values and informing about them
  • Cardinality – detecting number of unique values for a given threshold
  • Metric aggregation – calculating metrics, like average and comparing it to threshold value
  • Percentage match – calculating percentages and comparing it against set threshold