The
following table explains the important alerts triggered by events that require observation.
Deep Discovery Analyzer considers
suspicious object detections, hardware capacity changes, certain sandbox queue activity,
component update, account and clustering issues as important problems.
Important Alerts
|
Name
|
Criteria
(Default)
|
Alert Frequency
(Default)
|
|
Account Locked
|
An account was locked because of multiple unsuccessful logon attempts.
|
Immediate
|
|
Long Virtual Analyzer Queue
|
The number of Virtual Analyzer submissions has exceeded the
threshold of 100.
|
Once every 30 minutes
|
|
Component Update Unsuccessful
|
A component update was unsuccessful.
|
Once every 30 minutes
|
|
High CPU Usage
|
The average CPU usage in the last 5 minutes has exceeded the threshold of
90%.
|
Once every 30 minutes
|
|
High Memory Usage
|
The average memory usage in the last 5 minutes has exceeded the
threshold of 90%.
|
Once every 30 minutes
|
|
High Disk Usage
|
Disk usage has exceeded the threshold of 85%.
|
Once every 30 minutes
|
|
Secondary Appliance Unresponsive
|
A secondary appliance in the cluster encountered an error and was unable to recover.
|
Immediate
|
|
High Availability Suspended
|
The passive primary appliance encountered an error and was unable to recover. High
availability was suspended.
|
Once every 30 minutes
|
|
New High-Risk Objects Identified
|
The number of new high-risk objects identified during the last 30
minutes has reached the threshold of 10.
|
Immediate
|
|
Connection Issue
|
Unable to establish connection to a required resource.
|
Once every 30 minutes
|
|
Long Virtual Analyzer Processing Time
|
The Virtual Analyzer processing time has exceeded the threshold of
30 minutes.
|
Once every 30 minutes
|
|
Network Share Inaccessible
|
A network share is inaccessible.
|
Once every 30 minutes
|
 |
NoteConsider decreasing the number of sandbox instances if the system frequently experiences
high CPU or memory usage for long periods of time.
For details, see Modifying Sandbox Instances.
|