Create Alerts Based on Conditions
Matt Worrilow
It would be great to be able to create alerts (if Huntress isn't alerting on them already), based on a certain condition, such as an event ID, condition or query. Example alerts we would like to create or have Huntress alert on:
o AD User Account Created
o AD User Account Deleted
o AD User Account Disabled
o AD User Added to Privileged Group
o AD User Added to Universal Group
o AD User Removed from Group
o Failed AppGate Logins
o Failed OpenVPN Logins
o Firewall - DoS Protection Triggered
o Firewall - Fan Failure / Critical Thermal Reading
o Firewall - Local User Created
o Firewall - Logs Cleared [URGENT]
o Firewall Log Status
o Firewall Multiple Failed Admin Login Attempts
o Multiple Failed AD Logins
o Rapid Successful AD Logins
o Windows Event Log Cleared
Kyle Weekley
Another upvote for this. Being able to create custom alerts based on events would be an amazing addition to Huntress!
Autopilot
Merged in a post:
Create Alerts Based on Conditions
Jacob Wiley
Yes, we would love more granular control over what is alerted on.