How do I throw an alert if a log file has NOT been written to within a certain amount of time? Say within 10 minutes.
You run a search over a ten-minute time range for that source and raise an alert if it comes up empty.
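The check described in the answer, as an added example that is not part of the original thread: it scans events for the last ten minutes and reports every expected source that came up empty, with the time it was last seen. An empty result cannot name the source that went quiet, so the example compares against a list of expected sources. The line format, source paths and function names are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(minutes=10)  # the ten-minute range from the answer

# Constructed sample events: "<ISO-8601 timestamp> <source> <message>"
SAMPLE_LINES = [
    "2024-05-01T11:45:10+00:00 /var/log/app/auth.log session opened",
    "2024-05-01T11:58:30+00:00 /var/log/app/web.log GET /health 200",
    "2024-05-01T11:49:59+00:00 /var/log/app/auth.log session closed",
]
# Sources that are supposed to be writing (hypothetical paths).
EXPECTED = ["/var/log/app/auth.log", "/var/log/app/web.log",
            "/var/log/app/batch.log"]
NOW = datetime(2024, 5, 1, 12, 0, 0, tzinfo=timezone.utc)


def parse_event(line):
    """Return (timestamp, source) from one constructed event line."""
    ts, source, _msg = line.split(" ", 2)
    return datetime.fromisoformat(ts), source


def silent_sources(lines, expected, now, window=WINDOW):
    """Return {source: last_seen or None} for each expected source with
    no event in the range (now - window, now]."""
    last_seen = {}
    for line in lines:
        ts, source = parse_event(line)
        if ts > now:
            continue  # skip events stamped in the future (clock skew)
        if source not in last_seen or ts > last_seen[source]:
            last_seen[source] = ts
    cutoff = now - window
    return {s: last_seen.get(s) for s in expected
            if last_seen.get(s) is None or last_seen[s] <= cutoff}


if __name__ == "__main__":
    for source, seen in silent_sources(SAMPLE_LINES, EXPECTED, NOW).items():
        when = seen.isoformat() if seen else "never"
        print(f"ALERT: no events from {source} in the last 10 minutes "
              f"(last seen: {when})")
```
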