google / timesketch

Collaborative forensic timeline analysis
Apache License 2.0

Windows bruteforce analyzer #2792

Closed roshanmaskey closed 1 year ago

roshanmaskey commented 1 year ago

This PR is related to issue #2791

This PR adds support to determine successful Windows logins related to brute force activity. If a successful login is preceded by at least 20 failed login attempts from a given IP address within 3600 seconds, the analyzer will mark them as brute force attempts.

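The rule in the PR description, worked through as an added example (this is illustrative code written here, not the analyzer from the PR): a successful logon is flagged when at least 20 failures from the same source IP fall within the 3600 seconds before it. The `LoginEvent` layout, the `find_bruteforce_logins` function and the sample IPs in `sample_events` are constructed for the example.

```python
from collections import deque
from dataclasses import dataclass

# Thresholds as stated in the PR description.
FAILED_LOGIN_THRESHOLD = 20
WINDOW_SECONDS = 3600


@dataclass
class LoginEvent:
    timestamp: int    # seconds since epoch
    source_ip: str
    success: bool     # True for a successful logon, False for a failed one


def find_bruteforce_logins(events, threshold=FAILED_LOGIN_THRESHOLD,
                           window=WINDOW_SECONDS):
    """Return (source_ip, timestamp) for each successful logon preceded by
    at least `threshold` failures from that IP within `window` seconds."""
    recent_failures = {}   # source_ip -> deque of failure timestamps
    flagged = []
    for ev in sorted(events, key=lambda e: e.timestamp):
        failures = recent_failures.setdefault(ev.source_ip, deque())
        # Evict failures that fall outside the window ending at this event.
        while failures and ev.timestamp - failures[0] > window:
            failures.popleft()
        if ev.success:
            if len(failures) >= threshold:
                flagged.append((ev.source_ip, ev.timestamp))
            failures.clear()   # a success ends the burst; do not double count
        else:
            failures.append(ev.timestamp)
    return flagged


def sample_events():
    """Constructed timeline (not real data): 10.0.0.5 fails 25 times in 20
    minutes then succeeds (flagged); 10.0.0.9 fails 5 times then succeeds
    (below threshold); 10.0.0.7 fails 20 times spread over ~2 hours, so only
    9 failures are inside the window when it succeeds (not flagged)."""
    base = 1_700_000_000
    events = [LoginEvent(base + i * 48, "10.0.0.5", False) for i in range(25)]
    events.append(LoginEvent(base + 1300, "10.0.0.5", True))
    events += [LoginEvent(base + i * 10, "10.0.0.9", False) for i in range(5)]
    events.append(LoginEvent(base + 100, "10.0.0.9", True))
    events += [LoginEvent(base + i * 400, "10.0.0.7", False) for i in range(20)]
    events.append(LoginEvent(base + 8000, "10.0.0.7", True))
    return events
```

Lowering `threshold` shows how sensitive the rule is: at 5 all three hosts are flagged, which is why the 20-in-3600s choice matters for false positives.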