Set event monitor alert type status in Atera different than Event Viewer status
Currently if we want to add an alert ID to a threshold, the type (information, critical, etc.) must match what is in the Event Viewer. We need to be able to set it differently for our Atera alerts.
For example, for detecting potential ransomware, we want to monitor a scheduled task creation, Event IDs 4698 and 4700. In the Event Viewer that's an information alert. We would like that to be able to show up as a critical alert in Atera to get our attention so it's not lost.
Currently the alert level we set in the threshold must match the level it shows in Event Viewer or it won't pick up the alert in a threshold setting.
Brad Shaffer commented
There seems to be some inconsistency in how Atera Event monitoring is handling these events now. Typical System, Application and Security monitoring rules seem to handle thresholds based on the Windows Event level. However, custom event monitoring for other logs (such as the Windows Server Backup Operational log) creates Atera alerts at whatever level you define. This creates a mess if you are just intending to monitor the log for all Warnings and Errors.