[sysmon-help] Newbie questions

Johnson, Daniel DJohnson at chguernsey.com
Fri Nov 9 11:42:34 EST 2007


Is there any way to have different "numfailures" and "queuetime" for
different objects?  There are some things that may intermittently not
respond to ping, so I don't want a notice unless it has missed the last
ten attempts (and those attempts can be two minutes apart).  Other
devices are on better connections and I'd like to know after they drop
one (and check it every minute or less).  Is it possible to run two
instances of sysmon side by side for this?

When I monitor another sysmon server and take it down (or block the
port, etc.) the notification says "<desc> is Internal-Killed".  Is there
any deep meaning there?  src/lib.c didn't explain it very well.  :)

Daniel Johnson
C. H. Guernsey & Company
djohnson at chguernsey.com

