ESA Rule - Grouping Alerts
Hello everybody. Need your help with ESA Rule(EPL). So, what I want: the rule must generate alerts if there are minimum 5 failed logins(bad password) from Same Source during 120 seconds. After reading all documentation that I've managed to get, I've ...
