Auto Dismiss Alerts
We've been wanting to run daily maintenance on assets (like running sfc, or dism). To make sure these scripts actually run I am creating Gorelo Alerts for after they run.
Right now we have a policy that runs a script, that script creates an alert "Asset name is healthy" or "Asset name needed repair" etc. Then I have a custom view called "DISM check"
Since these alerts arent necessarily actionable, we just want to keep track of it's success/failure. Is there a way to auto dismiss the alerts?
or
Is there a better way to keep track if automated scripts are running?
Or is there a way to filter specific events out of the Warning, Error, or Critical view? I made more alert views but I'd like them to be taken out of the default views
2 Replies
I think the best option here would be to split the script and alert off into 2 separate things.
* Script that runs SFC / DISM scan.
* Gorelo Event Log Check to check event log for "log doesn't contain" x event in the last 24 hours (bit of a tongue twister haha)
You can also add a remediation script and more granular alert info
You can also use this for things that don't generate an event log by just writing to the event log it in the script.
Sweet, I like the ideas. Thank you