1 Reply Latest reply on Jun 30, 2020 1:13 PM by Bertrand Martin

    Patrol for Event ID and Log Pattern Monitoring

    Deepak Kamath
      Share This:

      Hello gurus,

       

      I am looking for solution or idea  if anyone has implemented this in their org. Basically  this solution is required to prevent event flood which results in cell unresponsive

       

      Problem Statement : If a windows event ID or Log string is added for monitoring  and in a second there are 5000+ pattern occurred or  event ID generated , patrol will detect these many occurrences in single poll  and creates 5000 + alert in console.

      We do have a setting to ignore patterns for next N polling interval. I am looking for solution which can fix in the first poll , that only one alert is triggered for multiple occurence in log or event viewer.

       

      I am aware about  setting dedup in cell. But this is again additional load that can cause cell unresponsive, The environment is huge and adding dedup is not good idea

       

      Hence if there is any solution to prevent it from source will be appreciated

       

      ABHAY BHAGAT Sachin Aru Steve MundyJonathan Coop