Closed dlee35 closed 1 year ago
The Top Suricata Network Alerts panel does not sort by count descending as suggested by the panel name. This PR adds | sort -count to correct that and adjusts values(src_ip) to values(src_ip) as src_ip to sorta clean up the column name.
| sort -count
values(src_ip)
values(src_ip) as src_ip
The Top Suricata Network Alerts panel does not sort by count descending as suggested by the panel name. This PR adds
| sort -countto correct that and adjustsvalues(src_ip)tovalues(src_ip) as src_ipto sorta clean up the column name.