Log/show warning if there are no correlation rules installed/entered #646
Labels
needs-triage
Needs to be triaged
Comments
osmontero
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
If there are no correlation rules then no alerts can be generated and then in fact system can not provide expected functionality. Despite the fact that logs are collected.
Describe the solution you'd like
At lease write about that fact warning in "Settings/Application Logs" or show similar warning in panel CORRELATION RULES. Now is there only message "It feels lonely here..." which is not very descriptive. It will be more helpful if there will be more descriptive warning like "There are no correlation rules and therefore no alarms can be generated."
Describe alternatives you've considered
Provide some warning in case when no correlation rules are there. As far as I understand default correlation rules should be automatically downloaded but if it fails for some reason (as it is my case) then there should be some warning. May be also when download fails write about that in log.
The text was updated successfully, but these errors were encountered: