New Health and Wellness MonitorsNew Health and Wellness Monitors
This topic lists the default New Health and Wellness monitors.
| Number | Monitor |
|---|---|
| 1. | Respond Server Risk Scoring Unprocessed Alerts High Count |
| 2. | Respond Server Risk Scoring Unprocessed Alert Older Than 24 Hours |
| 3. | Respond Server Risk Scoring Transient Alerts Ignored High Count |
| 4. | Reporting Engine Shared Task Critical Utilization |
| 5. | Reporting Engine Schedule Task Pool Critical Utilization |
| 6. | Reporting Engine Rule(s) Execution Failed |
| 7. | Reporting Engine Report(s) Running > 1 hour |
| 8. | Reporting Engine Report(s) Executions Failed |
|
9. |
Reporting Engine Chart(s) Execution Failed |
| 10. | Reporting Engine Available Disk < 5% |
|
11. |
Reporting Engine Available Disk < 20% |
| 12. | Reporting Engine Available Disk < 2% |
|
13. |
Reporting Engine Available Disk < 10% |
| 14. | NW Offline Service |
|
15. |
NW Host High Swap Utilization |
| 16. | NW Host Filesystem Disk Full |
|
17. |
NW Host Critical Memory Usage |
| 18. | NW Host Critical Disk Usage |
|
19. |
NW Host Critical CPU Usage |
| 20. | Log Decoder Service in Bad State |
|
21. |
Log Decoder Log Capture Pool Depleted |
| 22. | Log Decoder Invalid Rules Detected |
|
23. |
Log Decoder Dropping > 5% of Logs |
| 24. | Log Decoder Dropping > 10% of Logs |
|
25. |
Log Decoder Dropping > 1% of Logs |
| 26. | Log Decoder Database(s) Not Open |
|
27. |
Log Decoder Capture Rate Zero |
| 28. | Log Decoder Capture Not Started |
|
29. |
Endpoint Server to Agent - Incoming UDP Packets Requested |
| 30. | Endpoint Server to Agent - Incoming UDP Packets Rejected |
|
31. |
Endpoint Server to Agent - Incoming UDP Packets Queued |
| 32. | Endpoint Server to Agent - Incoming UDP Packets Dropped |
|
33. |
Endpoint Server to Agent - Incoming UDP Packets Delayed |
| 34. | Endpoint Server - Machine Persistence Failed |
|
35. |
Endpoint Server - Inactive Machine Retention Failed |
| 36. | ESA Correlation - Sessions Behind on Datasources |
|
37. |
ESA Correlation - ESA Rule High Memory Usage |
| 38. | ESA Correlation - ESA Rule High CPU Usage |
|
39. |
ESA Correlation - ESA Rule Critical Memory Usage |
| 40. | ESA Correlation - ESA Rule Critical CPU Usage |
|
41. |
Decoder Service in Bad State |
| 42. | Decoder Packet Capture Pool Depleted |
|
43. |
Decoder Invalid Rules Detected |
| 44. | Decoder Dropping > 5% of Packets |
|
45. |
Decoder Dropping > 10% of Packets |
| 46. | Decoder Dropping > 1% of Packets |
|
47. |
Decoder Database(s) Not Open |
| 48. | Decoder Capture Rate Zero |
|
49. |
Decoder Capture Not Started |
| 50. | Contexthub Server Query Response Cache Usage > 80% |
|
51. |
Contexthub Server High Query Response Cache Usage |
| 52. | Contexthub Server Database High Disk Usage |
|
53. |
Contexthub Server Database Critical Disk Usage |
| 54. | Contexthub Server Critical Query Response Cache Usage |
|
55. |
Concentrator Service in Bad State |
| 56. | Concentrator Meta Rate Zero |
|
57. |
Concentrator Individual Rule(s) Detected |
| 58. | Concentrator Database(s) Not Open |
|
59. |
Concentrator Aggregation Stopped |
| 60. | Concentrator > 5 Pending Queries |
|
61. |
Broker Session Rate Zero |
| 62. | Broker Service in Bad State |
|
63. |
Broker Aggregation Stopped |
| 64. | Broker > 5 Pending Queries |
|
65. |
Archiver Service in Bad State |
| 66. | Archiver Aggregation Stopped |
|
67. |
Logstash offline |
| 68. | Logstash Persisting data |
