Symantec Privileged Access Management

  • 1.  Threat Analytics Alerts

    Broadcom Employee
    Posted Jul 09, 2018 04:19 AM

    Hi Team, 

     

    Do you know if there's a way to configure alerts and monitor Threat Analytics without needing to connect via the UI to monitor?

    Is it possible to receive alerts if one of the engines is down, the system status, the system health?

     

    Thanks,

    Regards,

    Celeste



  • 2.  Re: Threat Analytics Alerts
    Best Answer

    Broadcom Employee
    Posted Aug 27, 2018 06:13 AM

    Sharing answer that the team provided me:

     

    Current System Health is viewable on the homepage header, and can be clicked for more information about changes in Health status.  Examples of when System Health may change:

    • Events are coming in from PAM at a rate that causes messages to queue up too fast, and fall behind in processing
    • Error rates at the API increase above normal level
    • Periodic caching of information from PAM fails for some reason (invalid credentials, intermittent network failure).

     

    These alerts allow administrators to be notified that something is affecting overall performance of the system, and also to be notified when these issues are resolved.  The system implements automatic mitigation strategies when it detects issues that affect health.

     

    To elect to be notified via email on changes in System Health, an Administrative User should select from the “System Alerts” dropdown in the User edit form (image below).  They can choose to be notified immediately, or to only be sent a summary periodically (daily, weekly, monthly).  Note:  The Email/SMTP configuration must be set up for this functionality to work.

     

     

    Alerts only occur during health issues affecting the performance of the integration between Threat Analytics and PAM, and Threat Analytics’ ability to process data.  No alerting occurs during issues affecting the availability of the Threat Analytics VM or the hardware on which it runs.  We recommend that customers use a preferred service monitoring utility for that purpose – for instance, something like Nagios to monitor responses from port 443, or to monitor disk and memory usage.
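
Added example (not part of the original thread, and not Broadcom's code): a Nagios-style plugin for the availability gap described in the last reply. It checks that port 443 completes a TLS handshake and grades disk and memory usage using the standard plugin exit codes. The host name `ta.example.internal`, the thresholds, and running the disk and memory checks locally on a Linux host that exposes `/proc/meminfo` are assumptions.

```python
#!/usr/bin/env python3
import shutil, socket, ssl, sys

OK, WARNING, CRITICAL = 0, 1, 2  # standard Nagios plugin exit codes
NAMES = ("OK", "WARNING", "CRITICAL")

def grade(pct, warn, crit):
    """Map a usage percentage to a Nagios state (higher is worse)."""
    return CRITICAL if pct >= crit else WARNING if pct >= warn else OK

def check_https(host, port=443, timeout=5.0):
    """CRITICAL unless a verified TLS handshake completes on host:port."""
    # Verification stays on; trust the appliance's CA rather than disabling it.
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return OK, f"{host}:{port} answered ({tls.version()})"
    except OSError as exc:  # refused, timed out, DNS failure, TLS/certificate error
        return CRITICAL, f"{host}:{port} not answering: {exc}"

def check_disk(path="/", warn=80.0, crit=90.0):
    """Grade used space on the filesystem holding `path`."""
    usage = shutil.disk_usage(path)
    pct = 100.0 * usage.used / usage.total
    return grade(pct, warn, crit), f"disk {path} {pct:.1f}% used"

def mem_used_pct(meminfo_text):
    """Percent of RAM in use, computed from /proc/meminfo text (Linux)."""
    kb = {}
    for line in meminfo_text.splitlines():
        key, _, rest = line.partition(":")
        if rest.split():
            kb[key] = int(rest.split()[0])
    return 100.0 * (kb["MemTotal"] - kb["MemAvailable"]) / kb["MemTotal"]

def check_memory(meminfo_text, warn=85.0, crit=95.0):
    pct = mem_used_pct(meminfo_text)
    return grade(pct, warn, crit), f"memory {pct:.1f}% used"

def main(argv):
    host = argv[1] if len(argv) > 1 else "ta.example.internal"  # placeholder name
    with open("/proc/meminfo") as fh:
        results = [check_https(host), check_disk(), check_memory(fh.read())]
    worst = max(state for state, _ in results)  # report the most severe state
    print(f"{NAMES[worst]} - " + "; ".join(msg for _, msg in results))
    return worst

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

In practice the port 443 check runs from the monitoring server, while the disk and memory checks run wherever an agent has local access to the host.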