Can you do an auto adding of events to a Created case? for example I have created a case for hundreds of same events (IP, dest, ports, etc..) and if there will a same events that will pop-out it will automatically added to the case. How can this be done?
I don't see a way to directly do this, but there might be another approach. Usually cases are fairly ephemeral so it's not expected that someone would want to automatically add an event to something less than permanent. It is possible to add events to watchlists or to use Data Enrichment to populate certain events with an extra field holding some sort of identifier, case ID, link, etc. What sort of events would get auto-added to a case? How would you classify them?