I would like to remove the highlighted part in the alert summary window
of ESA. Is there an option in the settings somewhere? Currently using
RSA Security Analytics v 10.5 . Thanks in advance.
Hi I am trying to crate a rule which will fire an alert once 3+ events
for a single host is detected within 4hr span. Instead It keeps firing
every 3rd event from the host. I am trying the below syntax. @RSAAlert
(oneInSeconds=0, identifiers={"alias_...
Hi Khaled, Thanks for the reply. I am using browser add-ons to remove
the Alert Timeline. Just wanted to confirm if SA itself provides some
options to do that. Thanks & Regards,Mathews
Hi David, Thanks for the reply and EPL Online Link. I want the alert to
be fired once in 4 hours when there are more than 3 matches. It should
remain quiet for the next 4 hours. If there are any matches after 4
hours since the first alert,another ale...
