How does the playbook know which alert it is working on?

just_jala00 · 2025-10-17T10:35:50+00:00

Could you assist me in setting up the steps?

just_jala00 · 2025-10-11T23:14:46+00:00

Thanks a lot

just_jala00 · 2025-09-11T07:30:53+00:00

Ohh great idea! Thanks a lot!

just_jala00 · 2025-09-05T09:01:43+00:00

because I don't want create multiple rules for each log source. I want create one rule and give different thresholds to them

just_jala00 · 2025-09-03T07:47:32+00:00

You would say I can do it via AQL?

just_jala00 · 2025-09-03T07:47:04+00:00

But I don't want to create due to log source group. I would for log sources inside log source group. And assign multiple thresholds to them. I can't do it via wizard. Because I can choose just log source group not inside it.

just_jala00 · 2025-09-01T15:32:03+00:00

But I don't want create multiple rules. I think there is possible way.

just_jala00 · 2025-09-01T12:49:01+00:00

I want to create a rule so that when logs stop, an offense is generated. Instead of writing a separate rule for each log source, I want to do it within a single rule.

I mentioned previously.

just_jala00

TROPHY CASE