Currently the following event log records can be logged by this feature:
Type |
Event ID |
Event Source |
Event Description |
Example |
Agent-Side |
10600 |
EventSentry |
A threshold has been exceeded. |
Event log filter Logon Failures exceeded the configured threshold (20 entries / 3600 second(s)). 5 events (out of a total of 25) were dropped by this filter. You can review the dropped events in the event log or the web reports. The matching events and their frequency were:
[ID=4771][LOG=Security]:10 [ID=4624][LOG=Security]:10 |
Agent-Side |
10601 |
EventSentry |
A threshold has been met. |
Event log filter Sample Threshold Filter has reached the configured threshold (20 entries / 600 second(s)). The matching events and their frequency were:
[ID=10100][LOG=Application]:20 |
Agent-Side |
10602 |
EventSentry |
A threshold has been met and events will now be processed. |
Event log filter Sample Filter has reached the configured threshold (100 entries / 1200 second(s)). Events matching this filter will now be processed. The matching events and their frequency were:
[ID=4688][LOG=Security]:100 |
Agent-Side |
10603 |
EventSentry |
A threshold with event-based matching has been met |
Event log filter Sample Filter has reached or exceeded the configured threshold (10 entries / 600 second(s)). 12 events were processed during the interval. The matching events and their frequency were:
[ID=4771][LOG=Security]:6 [ID=4624][LOG=Security]:6 |
Collector-Side |
1200 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, events will continue to be forwarded to the associated action:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1201 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, events will continue to be forwarded to the associated action:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1202 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, the next matching event will be forwarded to the associated action:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1203 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, the next matching event will be forwarded to the associated action:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1204 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, no more events will be forwarded until the threshold expires:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1205 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, no more events will be forwarded until the threshold expires:
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1206 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, events will be forwarded to the associated action until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1207 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, events will be forwarded to the associated action until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1208 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, the next matching event will be forwarded to the associated action until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1209 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, the next matching event will be forwarded to the associated action until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1210 |
EventSentry Collector |
A threshold has been met |
The limit of a threshold object has been reached, no more events will be forwarded until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Event Details: %7 |
Collector-Side |
1211 |
EventSentry Collector |
A threshold has been met (with group field) |
The limit of a threshold object has been reached, no more events will be forwarded until the threshold expires and event ID 1220 is logged.
Name: %1 Identifier: %2 Limit: %3 event(s) Time remaining: %4 seconds Events forwarded: %5 Description: %6
Events Summary: %8
Event Details: %9 |
Collector-Side |
1220 |
EventSentry Collector |
A threshold has expired |
A threshold object has expired:
Name: %1 Identifier: %2 Events forwarded: %3 Time elapsed: %4 seconds Limit: %5 Actual Count: %6 Description: %7
Events Summary: %8 |
