Here are the two options which I got, Need to validate though.
1- (colleague advised) Every device will have
com.q1labs.configservices.controller.ServerHostStatusUpdater class which will send update whether it is active or not
2- (found this online) "you can create an AQL query to filter information events from the "system notifications" log source. I don't have the exact query on me at the time of writing but you can search for the term "UNKOWN" narrow it down from there. After you have your AQL query, create a rule with it and another test "This many events with same property in this many mins". Tune it to your liking and now you ave an offense on a collector going down."
------------------------------
Hemant Kumar
------------------------------
Original Message:
Sent: Wed October 30, 2019 05:02 AM
From: James Hill
Subject: Monitor Console and EC connectivity
I would be intrested but what has stopped me in the past is that the managed hosts utilise the console as a ssylog server - thus when an outage occurs the managed hosts havent got a way of informing the console they are down. A case of chicken and egg.
This has led me to belive that an agent on the managed host would be needed.
------------------------------
James Hill
Original Message:
Sent: Tue October 29, 2019 04:13 PM
From: Paul Goffar
Subject: Monitor Console and EC connectivity
I could be interested in this as well. With a distributed deployment, a "Host Down" alert could be very valuable.
------------------------------
Paul Goffar
Original Message:
Sent: Fri October 11, 2019 11:31 AM
From: Hemant Kumar
Subject: Monitor Console and EC connectivity
Hi,
Is there a rule/logic to monitor connectivity between console and collector? without using QID?
thanks.
------------------------------
Hemant Kumar
------------------------------