El Centro de ATA supervisa la versión de cada puerta de enlace.
La puerta de enlace de ATA tiene una versión obsoleta.
Actualice la puerta de enlace de ATA a la versión correcta.
| Target | Microsoft.AdvancedThreatAnalytics.1_8.Center | ||
| Category | ConfigurationHealth | ||
| Enabled | True | ||
| Alert Generate | True | ||
| Alert Severity | Warning | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | Microsoft ATA |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| Microsoft.Windows.EventCollector | DataSource | Microsoft.Windows.EventProvider | Default |
| System.Health.GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
Home
ESN <Rule ID="Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert" Target="Microsoft.AdvancedThreatAnalytics.1_8.Center" Enabled="true" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>ConfigurationHealth</Category>
<DataSources>
<DataSource ID="Microsoft.Windows.EventCollector" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Microsoft ATA</LogName>
<AllowProxying>false</AllowProxying>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">1016</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="System.Health.GenerateAlert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
</WriteAction>
</WriteActions>
</Rule>