Argent for Compliance: Event Time And Time Recorded’

A common Customer question is “Why they have repeated sending alerts?

An example of this is as follows:

“At 12:41 we were bombarded with old alerts from the Argent for Compliance in Remedy

Nothing had happened in the logfile for 4 hours and the event time is set correctly”

The reason behind this occurrence is that Event Time is the ACTUAL time the event occurred in the Event Logs while, the Time Recorded is the time in which the Event was picked up by the Argent Relator running the Argent Rule

A Relator may run at 1:00 and at 8:00

During the seven hour period, an event may be logged numerous times

At 8:00, these events will be RECORDED

This is the “Time Recorded

The event time is simply the time the events were actually placed into the log

It is important to note that the number of alerts fired depends on the setting for COMBINE_ALERTS_ON_LOG_EVENT in the Argent for Compliance registry

If this value is set to a 0, then duplicate events will be recorded as one

If set to a 1, then a different alert will be fired for each event in the log