This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Custom Alert Configure #397

Open
zakirpcs opened this issue Jan 6, 2022 · 0 comments
zakirpcs commented Jan 6, 2022

Custom alert configure.

I want to create a custom alert as follows:

For example, if a user's failed logon (ssh) attempt happens 5 times within one minute, then a custom alert will be generated as per the format below:

  1. User Name
  2. Source IP (Client Terminal IP)
  3. Server IP
  4. Number of failed attempts.

My testing environment is as follows:

  • OS: AlmaLinux release 8.5
  • Opendistro Kibana Version: 7.10.2
  • Opendistro Elasticsearch Version: 7.10.2

Is there anyone who can help me with this?

Thanks in advance.

Zakir Hossain
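
The rule requested above (5 failed ssh logons within one minute, reported as user name, source IP, server IP and attempt count), sketched as stand-alone detection logic; this is an added example, not part of the original issue and not Open Distro alerting configuration. The log lines are constructed, and the `detect` function, the output field names, and the assumption that the syslog host field carries the server IP are all hypothetical.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd lines (not from the issue). Assumption: the log
# shipper writes the server IP into the syslog host field.
SAMPLE = """\
2022-01-06T10:00:01+00:00 10.0.0.5 sshd[2101]: Failed password for root from 192.0.2.10 port 40001 ssh2
2022-01-06T10:00:10+00:00 10.0.0.5 sshd[2101]: Failed password for root from 192.0.2.10 port 40002 ssh2
2022-01-06T10:00:20+00:00 10.0.0.5 sshd[2101]: Failed password for root from 192.0.2.10 port 40003 ssh2
2022-01-06T10:00:30+00:00 10.0.0.5 sshd[2101]: Failed password for root from 192.0.2.10 port 40004 ssh2
2022-01-06T10:00:40+00:00 10.0.0.5 sshd[2101]: Failed password for root from 192.0.2.10 port 40005 ssh2
2022-01-06T10:00:45+00:00 10.0.0.5 sshd[2102]: Accepted password for alice from 192.0.2.20 port 40100 ssh2
2022-01-06T10:01:00+00:00 10.0.0.6 sshd[3001]: Failed password for invalid user admin from 198.51.100.7 port 50001 ssh2
2022-01-06T10:01:30+00:00 10.0.0.6 sshd[3001]: Failed password for invalid user admin from 198.51.100.7 port 50002 ssh2
2022-01-06T10:02:00+00:00 10.0.0.6 sshd[3001]: Failed password for invalid user admin from 198.51.100.7 port 50003 ssh2
2022-01-06T10:02:30+00:00 10.0.0.6 sshd[3001]: Failed password for invalid user admin from 198.51.100.7 port 50004 ssh2
2022-01-06T10:03:00+00:00 10.0.0.6 sshd[3001]: Failed password for invalid user admin from 198.51.100.7 port 50005 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\S+) (?P<server>\S+) sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")

def detect(lines, threshold=5, window=timedelta(minutes=1)):
    """Return one alert per (user, source IP, server IP) that reaches the threshold within the window."""
    recent = defaultdict(deque)   # key -> timestamps of recent failures
    alerts = []
    for line in lines:            # lines are assumed to be in time order
        m = FAILED.match(line)
        if not m:
            continue
        ts = datetime.fromisoformat(m["ts"])
        key = (m["user"], m["src"], m["server"])
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts.append({"user_name": key[0], "source_ip": key[1],
                           "server_ip": key[2], "failed_attempts": len(q)})
            q.clear()              # start counting again after alerting
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE.splitlines()):
        print(alert)
```

Five failures spread over two minutes (the `admin` lines) do not trigger the alert, because only failures inside the sliding one-minute window are counted.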

zakirpcs added the bug (Something isn't working) label Jan 6, 2022