We are using ESM Nitro ver 9.5.2. We have deployed SIEM collector agent over our Windows Server 2008R2. We have some critical services running over these servers for instance Snort. We want to create Risk Based Correlation so that if any of our critical service/application goes down an alarm should be generated for it against.
Kindly advise as how to create Risk based correlation to monitor our critical services.