Having a need to create "Instrusion Detection" alert for example:
X number for sessions from same user in x amount of time
Or
x executions of a url by same user in x time.
Can I have suggestion how to set up to accomplish the purpose?
Thank you,
Sharyl
Answer by Erik S. ·
DCRUM is not intended as an Intrusion Detection tool; it is a performance monitoring tool.
That said, an alert based on username and URL, with operation count greater than X as the alert threshold, is likely as close as you will get in DCRUM. this will throw an alert anytime the operation count in an interval for a specific user exceeds the specified threshold.
-- Erik
JANUARY 15, 3:00 PM GMT / 10:00 AM ET