Good morning,
I am trying to configure an alert to email admins whenever there is a new user connecting to a VPN.
I am fairly new to the Elastic platform and need some assistance in creating these alerts.
The only pre-built alert I see is for MacOS.
Any help on this is greatly appreciated.
Hi @rwilson
Are you collecting VPN access logs with some beat?
There are many modules in filebeat that can help you in this connection log collection. Once the log is in your Elasticsearch, you can create alerts via Watcher using kibana:
Watcher | Kibana Guide [8.1] | Elastic
Best regards
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.