The efault alert time is 30 minutes & and the aggregation time is 360 minutes, then the first alert will be triggered after 30 minutes , and the second alert will be triggered after 360 minutes.
Therefore the second alert will be like: "No Agent traffic detected for 390(30+360) minutes".
In order to modify these values, simply add the following lines to the "Advance Configuration" section:
<system-events-no-traffic-threshold-minutes>X</system-events-no-traffic-threshold-minutes> - note this value is in minutes
<system-events-no-traffic-aggregation>X</system-events-no-traffic-aggregation> - note this value is in seconds (360 minutes =21600 seconds
)
To disable Agents from sending system events when no traffic is seen, add the following line to the "Advance Configuration" section:
<system-events-no-traffic-enable>false</system-events-no-traffic-enable>
I hope this helps
------------------------------
Sarvesh Lad
Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
------------------------------
Original Message:
Sent: 09-12-2024 05:40
From: Pradeep Godala
Subject: DAM Agent no traffic alerts
Dear Team,
By default DAM agent generates an alert every 30 minutes in activity logs if there's no activity on Database, how do i change this setting to like 60 minutes or 120 minutes ?
#ImpervaAgent
------------------------------
Pradeep Godala
consultant
ICICI Bank Limited
Mumbai Maharashtra
------------------------------