- Service Health and Consumption Overview
- Service Health
- License View
- Notifications and Alerts
Significant Collector Increase and Decrease Notifications
Significant collector increase and decrease notifications keep you informed about the health and configuration needs of the individual collectors in your deployment. For example, a significant increase in log volume on a collector may indicate that a new log source is not correctly configured. A significant decrease in volume may indicate that a log source is failing.
Collector volume is measured each day and compared to comparable historic days. When significant volume increases or decreases are detected, the notifications are sent to users within the first hour of the next day in UTC time.
Important
At this time, the threshold for triggering alert notifications is a 50 percent increase or decrease in collector volume. These percentages are not yet customizable.
Volume baselines are derived from the last 14 days of collector activity. The baselines take into account normal variations in volume, such as those that may occur between business and non-business hours.
 |
For information on viewing and managing notifications, see the following topics in the Exabeam Security Operations Platform Administration Guide: