Configuring the data gateway status notification rule

QRadar® on Cloud provides a rule to send notifications if any data gateways have an unknown status. The rule is configured to run every 5 minutes. If a data gateway is in an unknown state, a system notification is generated. You can customize the rule response options to suit your needs.

Procedure

  1. From the Offenses, Log Activity, or Network Activity tabs, click Rules.
  2. Type QRoC in Search Rules, and press Enter.
  3. Double-click QRoC Data Gateway Status check.
  4. Use the Rule Wizard to modify the rule response options.