I am trying to configure an alert to email admins whenever there is a new user connecting to a VPN.
I am fairly new to the Elastic platform and need some assistance in creating these alerts.
The only pre-built alert I see is for macOS.
Are you collecting VPN access logs with some beat?
There are many modules in Filebeat that can help you with this connection log collection. Once the log is in your Elasticsearch, you can create alerts via Watcher using Kibana:
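A watch of the kind the reply above points to, as an added example that is not part of the original thread: it emails admins when a `user.name` appears in the last 5 minutes with no earlier VPN event in the past 30 days. The index pattern `filebeat-*`, the ECS field names, the `VPN_DATASET_PLACEHOLDER` value and the recipient address are assumptions to replace with your own; the body can be pasted into Kibana's advanced watch editor.

```json
{
  "metadata": {
    "note": "Illustrative watch: index pattern, field names, dataset value and address are assumptions"
  },
  "trigger": { "schedule": { "interval": "5m" } },
  "input": {
    "search": {
      "request": {
        "indices": ["filebeat-*"],
        "body": {
          "size": 0,
          "query": { "bool": { "filter": [
            { "term": { "event.dataset": "VPN_DATASET_PLACEHOLDER" } },
            { "range": { "@timestamp": { "gte": "now-30d" } } }
          ] } },
          "aggs": {
            "users": {
              "terms": { "field": "user.name", "size": 1000 },
              "aggs": {
                "recent": { "filter": { "range": { "@timestamp": { "gte": "now-5m" } } } },
                "older": { "filter": { "range": { "@timestamp": { "lt": "now-5m" } } } },
                "new_only": {
                  "bucket_selector": {
                    "buckets_path": { "recent": "recent>_count", "older": "older>_count" },
                    "script": "params.recent > 0 && params.older == 0"
                  }
                }
              }
            }
          }
        }
      }
    }
  },
  "condition": {
    "script": { "source": "return ctx.payload.aggregations.users.buckets.size() > 0" }
  },
  "actions": {
    "email_admins": {
      "email": {
        "to": ["vpn-admins@example.com"],
        "subject": "New VPN user(s) seen",
        "body": "First connection in 30 days: {{#ctx.payload.aggregations.users.buckets}}{{key}} {{/ctx.payload.aggregations.users.buckets}}"
      }
    }
  }
}
```

The email action needs an email account configured for Watcher in `elasticsearch.yml`. The `terms` aggregation keeps only the 1000 most active users before the selector runs, so raise `size` if your VPN user population is larger.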