Hi I have been reading and watching some videos. Looking for some best practices on what alerts to enable - lets to be emailed or sysloged. I watched one video out there, and it was not very helpful. If there were 5 alerts, which would be one.. I know it varies from customer to customer. But, for example, is data exfiltration a good alarm . Looking how generally its done. sometimes I don't login into SMC to look, but what part of this can be automated. Looking for direction here.
... View more