Hello,
I want to correlate data between logs collected from 2 different sources and I want to alert when a condition is met. How can I create a search for this? Example:
Source 1 log output is: source1_ipaddress visiting_particular_url
Source 2 log output is: source2_ipaddress hostname username
I want to send an email alert containing "username" from Source 2 whenever Source 1 logs the event AND source1_ipaddress=source2_ipaddress.
How can I do this? Will appreciate your response. Thanks.
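The correlation described in the question, as an added example that is not part of the original post and is not tied to any particular log product: Source 2 is loaded as an IP-to-identity lookup, each Source 1 hit on the watched URL is joined against it, and an email message carrying the username is built for every match. The whitespace-separated field layout follows the post; the sample lines, `WATCHED_URL`, host names and mail addresses are constructed assumptions.

```python
from email.message import EmailMessage

# Constructed sample data in the two layouts described in the post.
SOURCE1_LOG = """\
10.0.0.5 http://intranet.example/restricted
10.0.0.9 http://intranet.example/home
10.0.0.7 http://intranet.example/restricted
192.0.2.44 http://intranet.example/restricted
"""
SOURCE2_LOG = """\
10.0.0.5 ws-014 alice
10.0.0.7 ws-022 bob
10.0.0.7 ws-022 dave
"""
WATCHED_URL = "http://intranet.example/restricted"  # assumed "particular URL"


def load_identities(source2_text):
    identities = {}
    for line in source2_text.splitlines():
        parts = line.split()
        if len(parts) == 3:  # ip hostname username; skip malformed lines
            identities[parts[0]] = (parts[1], parts[2])  # later line for same IP wins
    return identities


def correlate(source1_text, source2_text, watched_url):
    """Return (alerts, unmatched_ips) for Source 1 hits on watched_url."""
    identities = load_identities(source2_text)
    alerts, unmatched = [], []
    for line in source1_text.splitlines():
        parts = line.split()
        if len(parts) != 2 or parts[1] != watched_url:
            continue
        ip = parts[0]
        if ip in identities:
            hostname, username = identities[ip]
            alerts.append({"ip": ip, "hostname": hostname, "username": username})
        else:
            unmatched.append(ip)  # event seen, but no Source 2 record to join on
    return alerts, unmatched


def build_email(alert, sender, recipient):
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = f"Watched URL visited by {alert['username']}"
    msg.set_content(f"ip={alert['ip']} host={alert['hostname']} user={alert['username']}")
    return msg
```

Each message returned by `build_email` can be handed to `smtplib.SMTP.send_message`; IPs in the unmatched list are worth reviewing separately because the alert condition in the post never fires for them.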