Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

Correlation rule #3256

Open praveens862 opened 2 years ago

praveens862 commented 2 years ago

Hi, I am looking for a correlation rule like: if from a blacklist IP I get an accept connection on the firewall, and from the same IP any activity is detected on an endpoint.

nsano-rururu commented 2 years ago

Look at https://github.com/Yelp/elastalert/issues/3178

praveens862 commented 2 years ago

Hi @nsano-rururu, I can't find this issue in 3178. Can you suggest something else?
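The correlation described in the first post, written as plain Python over constructed events: an added example, not code from this thread or from the ElastAlert project. The field names (`src_ip`, `remote_ip`, `action`), the sample data and the 15-minute window are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data; field names are assumptions, not an ElastAlert schema.
BLACKLIST = {"203.0.113.7", "198.51.100.23"}
FIREWALL = [
    {"ts": "2024-01-01T10:00:00", "src_ip": "203.0.113.7", "action": "accept"},
    {"ts": "2024-01-01T10:01:00", "src_ip": "192.0.2.10", "action": "accept"},
    {"ts": "2024-01-01T10:02:00", "src_ip": "198.51.100.23", "action": "deny"},
    {"ts": "2024-01-01T08:00:00", "src_ip": "198.51.100.23", "action": "accept"},
]
ENDPOINT = [
    {"ts": "2024-01-01T10:05:00", "remote_ip": "203.0.113.7",
     "host": "ws-01", "event": "logon"},
    {"ts": "2024-01-01T10:06:00", "remote_ip": "192.0.2.10",
     "host": "ws-02", "event": "logon"},
    {"ts": "2024-01-01T10:30:00", "remote_ip": "198.51.100.23",
     "host": "ws-03", "event": "process_start"},
]


def correlate(firewall, endpoint, blacklist, window=timedelta(minutes=15)):
    """Alert when a blacklisted IP is accepted by the firewall and the same
    IP shows up in an endpoint event within `window` after that accept."""
    # Step 1: collect accept times per blacklisted source IP.
    accepts = {}
    for ev in firewall:
        if ev["action"] == "accept" and ev["src_ip"] in blacklist:
            when = datetime.fromisoformat(ev["ts"])
            accepts.setdefault(ev["src_ip"], []).append(when)

    # Step 2: join endpoint events to those accepts on IP and time window.
    alerts = []
    for ev in endpoint:
        seen = datetime.fromisoformat(ev["ts"])
        for accepted in accepts.get(ev["remote_ip"], []):
            if timedelta(0) <= seen - accepted <= window:
                alerts.append({"ip": ev["remote_ip"], "host": ev["host"],
                               "event": ev["event"],
                               "firewall_accept": accepted.isoformat(),
                               "endpoint_seen": seen.isoformat()})
                break  # one alert per endpoint event is enough
    return alerts


if __name__ == "__main__":
    for alert in correlate(FIREWALL, ENDPOINT, BLACKLIST):
        print(alert)
```

The denied connection and the accept that falls outside the window produce no alert, so the window length directly controls how many stale matches are reported.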