Just dealing with a Google workspace log, this is how it reports 5 failed logins:
I'd like the detection to be able to be customised to dynamically return (e.g. via a `count()` function or some such) how many detections have occurred by processing the one log line.
Implementation wise, not sure. `run_detection()` could return an array of alert data, or `create_alert()` could create multiple alerts based on a number returned in `alert_response`. The more efficient way might be to change the threshold logic to respect an "occurrences" number or something in an alert.
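
A sketch of the last option in the post, threshold logic that respects an occurrences number, as an added example that is not part of the original issue or the project's code. `run_detection()` here is a stand-in with an assumed return shape; `ThresholdTracker`, `process`, the `failure_count` field and the threshold and window values are hypothetical.

```python
from collections import defaultdict, deque

def run_detection(record):
    """Hypothetical detection: None, or alert data carrying an 'occurrences' weight."""
    if record.get("event") != "login_failure":
        return None
    count = record.get("failure_count", 1)  # one aggregated line may report many failures
    if not isinstance(count, int) or count < 1:
        count = 1  # a malformed count falls back to a single occurrence
    return {"dedupe": record["user"], "occurrences": count, "ts": record["ts"]}

class ThresholdTracker:
    """Sliding-window threshold that sums occurrences instead of counting log lines."""
    def __init__(self, threshold=5, window=300):  # assumed values
        self.threshold, self.window = threshold, window
        self.hits = defaultdict(deque)  # dedupe key -> (ts, occurrences) pairs

    def observe(self, alert):
        """Record one detection result; return True when the threshold is reached."""
        q = self.hits[alert["dedupe"]]
        q.append((alert["ts"], alert["occurrences"]))
        while q and q[0][0] <= alert["ts"] - self.window:
            q.popleft()  # drop entries that fell out of the window
        if sum(n for _, n in q) >= self.threshold:
            q.clear()  # reset so the same occurrences do not fire twice
            return True
        return False

def process(records, tracker=None):
    """Run records through detection; return the dedupe keys that alerted."""
    tracker = tracker or ThresholdTracker()
    fired = []
    for rec in records:
        alert = run_detection(rec)
        if alert and tracker.observe(alert):
            fired.append(alert["dedupe"])
    return fired

# Constructed sample records; field names are hypothetical, not the Google Workspace schema.
SAMPLE = [
    {"ts": 0, "event": "login_failure", "user": "alice", "failure_count": 5},
    {"ts": 10, "event": "login_failure", "user": "bob"},
    {"ts": 20, "event": "login_success", "user": "bob"},
    {"ts": 400, "event": "login_failure", "user": "bob", "failure_count": 4},
]
```

With the sample, the single line for `alice` reaches the threshold on its own, while the two `bob` lines fall in different windows and do not.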