Solved

File Activity Anomaly Alert


Badge +1

Hi,

Our security team wants to follow the File Activity Anomaly Alert on the Commvault side. We configured SNMPv3, and they are watching on ArcSight. They want to configure this in real time on a test server. How can we configure it on a test server?

Is there anybody who can advise?

 

Regards

 

Best answer by Scott Moseman 25 August 2022, 14:35

10 replies

Userlevel 7
Badge +19

You will have to configure it via the Commcell console. There is a default alert named "File Activity Anomaly Alert". You can copy it or alter the existing one and configure SNMP.

 

Badge +1

Hi Onno,

 

Thanks for your reply. Actually, I want to ask how I can alert from the client. I created a text document on the Media Server. Then I deleted it. The mail didn't come to us.

 

Regards,

 

Userlevel 7
Badge +23

@barbaros, the conditions of what the anomaly alert triggers from are internal information, though I’ll add @DMCVault to see if he has a test you can use.

Userlevel 7
Badge +19

So basically you are looking for a tool that can simulate a pattern which triggers the file activity anomaly alert?

Userlevel 6
Badge +18

So basically you are looking for a tool that can simulate a pattern which triggers the file activity anomaly alert?


Scripts to generate a large number of files are easy to create, if the above statement is true and you’re trying to create a File Anomaly alert manually to test the process?

Thanks,
Scott
 

Userlevel 7
Badge +19

@Scott Moseman sure, this is fairly easy to create, but I'm not sure if this will trigger the alert, but you can always give it a shot.

Badge +1

Hi,

 

@Scott Moseman, @Onno van den Berg How can I create scripts to generate this? If I manage to create this, will the alert still be coming?

 

Regards,

Userlevel 6
Badge +18

 

@Scott Moseman, @Onno van den Berg How can I create scripts to generate this? If I manage to create this, will the alert still be coming?


These are scripts which I have used in labs to create a large amount of files to trigger the anomaly alert.  You will only get the alert once if the anomaly happens once.  It will exist in the Unusual File Anomaly dashboard where you can review the details and clear the alert.

Linux Clients

$ cat create.sh
#!/usr/bin/bash
for i in {000000..100000}
do
echo QWERTY > "file${i}.txt"
done

Windows Clients

> type create.bat
@ECHO ON
for /L %%i in (1,1,100000) do fsutil file createnew file%%i.tmp 4096

Thanks,
Scott
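
An added example, not part of the original posts: a variant of the lab script above that keeps the generated files inside a dedicated scratch directory, adds a rename phase, and refuses to delete any directory it did not create. The function names and the marker file name are assumptions made for this example; whether a given burst raises the alert still depends on the alert's internal conditions.

```shell
#!/bin/sh
# Constructed test helper (not from the thread): generates a burst of file
# activity inside a dedicated scratch directory. Function names and the
# marker file name are assumptions made for this example.
MARKER=".anomaly-test-dir"

# burst_create DIR COUNT: create COUNT small files under DIR and tag DIR.
burst_create() {
    mkdir -p "$1" || return 1
    : > "$1/$MARKER"
    _i=0
    while [ "$_i" -lt "$2" ]; do
        printf 'QWERTY\n' > "$1/$(printf 'file%06d.txt' "$_i")" || return 1
        _i=$((_i + 1))
    done
}

# burst_rename DIR: rename every generated .txt file to .tmp.
burst_rename() {
    [ -f "$1/$MARKER" ] || return 1
    for _f in "$1"/file*.txt; do
        [ -e "$_f" ] || continue
        mv -- "$_f" "${_f%.txt}.tmp" || return 1
    done
}

# burst_count DIR EXT: print the number of generated files ending in .EXT.
burst_count() {
    _n=0
    for _f in "$1"/file*."$2"; do
        if [ -e "$_f" ]; then _n=$((_n + 1)); fi
    done
    echo "$_n"
}

# burst_cleanup DIR: delete DIR, but only if burst_create tagged it.
burst_cleanup() {
    [ -f "$1/$MARKER" ] || { echo "refusing: $1 is not a test dir" >&2; return 1; }
    rm -rf -- "$1"
}

# Direct use: sh burst.sh /path/to/scratch-dir [count]
if [ $# -ge 1 ]; then
    burst_create "$1" "${2:-100000}" && burst_rename "$1"
    echo "created and renamed $(burst_count "$1" tmp) files in $1"
fi
```

Run it against a path that the client's backup content actually covers, and call burst_cleanup on the same path afterwards to generate the delete activity.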
 

Badge +1

Thanks everyone. 

Badge +1

Is there a way that we can send individual alerts for clients that have more than 2000 files modified, created, deleted or renamed?