For example, our lightweight SA007 includes 2 event logs notifications:
-
Notify for any System : Disk : Errors (default rule, but can be changed at anytime)
-
The second Event Log notification rule can be, for example:
- Log Name: Application
- Source: MSSQLSERVER
- Level: Error
Notifications are received within one minute (much faster than most ELM platforms).
SentinelAgent has a very light footprint, as compared to the bloated solutions that are available on the market.