Configuring the data gateway status notification rule
QRadar® on Cloud provides a rule to
send notifications if any data gateways have an unknown status. The rule is configured to run every
5 minutes. If a data gateway is in an unknown state, a system notification is generated. You can
customize the rule response options to suit your needs.
Procedure
- From the Offenses, Log Activity, or Network Activity tabs, click Rules.
- Type QRoC in Search Rules, and press Enter.
- Double-click QRoC Data Gateway Status check.
- Use the Rule Wizard to modify the rule response options.