Windows generates an event ID 4688 (https://system32.eventsentry.com/security/event/4688) in the Windows Security Event Log when a process gets launched. In EventSentry, an include filter that monitors for those events needs to be created and associated with an email action so that an email alert is sent once this specific process gets starte...
Monitoring and alerting on the runtime duration of processes

This guide demonstrates how to set up EventSentry to trigger an alert when a process runs longer than a specified duration. We will use PowerShell as the example for this configuration.

Open EventSentry Management Console
From the left menu tree expand Packages and click...