| AIE Rule ID | AIE Rule Name | AIE Rule Brief Description |
|---|---|---|
| 1378 | IT Ops: Crit System Shutdown | Monitors for system shutdowns that are not followed by startup activity. Must be tuned to select "always on" hosts and to set an appropriate timeframe for the system to start up after shutdown activity. |
| 1379 | IT Ops: Crit Service Stopped | Rule observes for service stop events that are not followed by service start events. |
| 1380 | IT Ops: Crit Win Service Failed To Recover | Rule looks for Windows services that attempt to recover, but fail. |
| 1381 | IT Ops: Crit Backup Failure | Monitors for failed backup events. |
| 1441 | IT Ops: Crit Application Config Change | Observes for changes to critical application configurations. |
| 1442 | IT Ops: Crit Database Config Change | Monitors for changes to critical database configurations. |
| 1443 | IT Ops: Crit Dir. Services Config Change | Monitors for changes to critical directory services configurations. |
| 1444 | IT Ops: Crit Net Access Config Change | Monitors for changes to critical network access configurations. |
| 1445 | IT Ops: Crit Security Config Change | Monitors for changes to critical security configurations. |
| 1446 | IT Ops: Crit System Config Change | Monitors for changes to critical system configurations. |
| 1447 | IT Ops: Win Application Error Tracking | Rule tracks Windows application errors that exceed a normal level. |
| 1448 | IT Ops: Possible Bad Win Update : App Error | Rule watches for the Windows Application Error Tracking trend rule firing following Windows Updates being installed. Rule fires an alarm if a higher incidence of application errors has occurred. |
| 1451 | IT Ops: Possible Bad Win Update : Sys Crash | Rule watches for a Windows crash dump log following Windows Updates being installed. |
| 1458 | IT Ops: Slow Web Server Response Times | Rule observes for slow web server response times. |
| 1470 | IT Ops: PerfMon: Proc Time Thrshld Exceeded | Rule observes for 20 or more threshold exceeded alarms within 6 minutes from Windows PerfMon for % Processor Time counter. |
| 1471 | IT Ops: PerfMon: Low Free Disk Space | Rule observes for low disk space alerts from Windows PerfMon counters. |
| 1472 | IT Ops: Nagios: Sys Offline Attribution | Observes for several critical, warning, or error events followed by Nagios detecting a host hard down status. |
| 1473 | IT Ops: Nagios: Sys Off Following Win Update | Observes for successful Windows Update install followed by Nagios event indicating a system is down. |
| 1474 | IT Ops: PerfMon: Dsk % Idle Time Blw Thrshld | Monitors for low disk idle time from Performance Monitor. |
| 1476 | IT Ops: Nagios: Service State Offline | Rule observes for hard service state down or critical from Nagios. |
| 1485 | IT Ops: Nagios: Sys Offline Following Change | Observes for configuration change followed by Nagios detecting a host hard down status. |
| 1486 | IT Ops: VMWare: RAM Disk Full | Observes for specific logging activity indicative of a full RAM Disk. |
| 1597 | IT Ops: LogRhythm Lifecycle Controller | Rule to event on LogRhythm Lifecycle Controller logs. |