Generate Alert if tmp*.log size is more than 100 MB.
According to Microsoft, this indicates that a rule has been set for the monitoring of a file size and the configured threshold has been reached.
To reconfigure the rule, follow these steps:
1. Right-click the rule and click Copy.
2. Right-click the Event Rules node and click Paste.
3. If you are working in authoring mode and the Copy Knowledge Authoring Entry window opens, click Copy the knowledge authoring entry for the new rule, and then click OK.
4. A new rule named Copy of Example: Generate Alert tmp*.log size is more than 100 MB will be created.
5. Double-click the new rule and type a new, descriptive name for it.
6. To configure the size thresholds and the file name pattern that you want to monitor, in the Criteria tab, click Advanced.