cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Highlighted
GideonTriple
GideonTriple
Level 8
Report Inappropriate Content
Message 1 of 2
‎06-14-2018 01:36 AM

Correlation over a period of time

Jump to solution

I have two events I am trying to correlate together, for the example we will say that one is administrative login and the other is a change in the firewall.
I would like it to be configured so that if an event showing admin login has occured in the last 12 hours and then there is a change in the firewall, I'd like to get a notification for it.
Currently I set the time window to 12 hours, I am not sure if this will grant me the required result.
Thanks in advance for any support

Labels (3)
1 person had this problem.
0 Kudos
Reply
1 Solution

Accepted Solutions
David1111
Reliable Contributor David1111
Reliable Contributor
Report Inappropriate Content
Message 2 of 2
‎11-04-2018 02:55 AM

Re: Correlation over a period of time

Jump to solution

Hi, 

it seem's good.

just confirm that there's a "AND" gate for both events.

 

Best regards

David

Reply
1 Reply
David1111
Reliable Contributor David1111
Reliable Contributor
Report Inappropriate Content
Message 2 of 2
‎11-04-2018 02:55 AM

Re: Correlation over a period of time

Jump to solution

Hi, 

it seem's good.

just confirm that there's a "AND" gate for both events.

 

Best regards

David

Reply
ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.