返回
-
标题
How to receive a notification whenever the Change Auditor and On Demand Audit integration stops? -
说明
Can I receive an alert or be notified whenever the integration between Change Auditor (CA) and On Demand Audit (ODA) stops working and events are no longer forwarded? -
解决办法
Although you cannot get a notification related to the integration itself from CA, you can get notified in ODA if the events activity coming from CA stops or resumes. This is possible due to some of the ODA built-in alerts such as the one you used related to "Service Activity changes".
The "Service activity stopped" and "Service activity resumed" events are recorded as part of ODA Audit Health monitoring for the integrated Change Auditor installation. If On Demand Audit does not receive an event for a subsystem in 24 hours, it will record a "Service activity stopped" event. Once an event is received for that subsystem, a "Service activity resumed" event will be recorded. "Service activity stopped" may indicate or not if there is an issue since, depending on a customer's environment, going over 24 hours without a group policy (or AD) event could be normal. The intent is to raise awareness to the administrator so, that if it is unexpected that there are no events for a subsystem for 24 hours, they can check run a search in CA to verify if events are being recorded.
In addition, a "Change Auditor auditing activity stopped" event is recorded if no events are received from a Change Auditor installation for 24 hours. -
其他信息
https://support.quest.com/technical-documents/on-demand-audit/current/user-guide/16#TOPIC-1707967