Retrieving ping number

I read the logs of Fortigate and store them in OpenSearch. I can discover them in Kibana. They have a field named service; service has RDP, HTTP, DNS, PING and so on.
My scenario:
I need to read service, and if service == PING in 2 hours, it notifies me. Is alerting good for implementing this, or anomaly detection? Please guide me.

Alerting suits your case, because it's rule-based, but anomaly detection aims to analyze the trends of your data.

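A rule of the kind the answer describes, written as an OpenSearch Alerting query-level monitor body for `POST _plugins/_alerting/monitors` (an added example, not part of the original thread). Assumptions: the index pattern `fortigate-*`, the time field `@timestamp`, the monitor and trigger names, and that `service` is mapped as a keyword; the rule is read as "at least one PING event in the last 2 hours".

```json
{
  "type": "monitor",
  "name": "example-fortigate-ping-2h",
  "monitor_type": "query_level_monitor",
  "enabled": true,
  "schedule": { "period": { "interval": 2, "unit": "HOURS" } },
  "inputs": [
    {
      "search": {
        "indices": ["fortigate-*"],
        "query": {
          "size": 0,
          "query": {
            "bool": {
              "filter": [
                { "term": { "service": "PING" } },
                { "range": { "@timestamp": {
                    "gte": "{{period_end}}||-2h",
                    "lte": "{{period_end}}",
                    "format": "epoch_millis" } } }
              ]
            }
          }
        }
      }
    }
  ],
  "triggers": [
    {
      "name": "example-ping-seen",
      "severity": "3",
      "condition": {
        "script": {
          "source": "ctx.results[0].hits.total.value > 0",
          "lang": "painless"
        }
      },
      "actions": []
    }
  ]
}
```

`actions` is left empty here; a notification only goes out once an action pointing at a notification channel configured in your cluster is added. If `service` is mapped as text, query `service.keyword` instead.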
