Hey Guys, i am in need of some assistance in either finding some premade alerts or some help in creating a specific Virus alert.
What i want to do is to set up an alert that will only report if a virus infection comes from a source computer or IP address that is the same and infects 5 or more computers.
Is there a way to specify and alert to trigger that way?
I do not want to be alerted on every alert and i dont to want to trigger an alert if the same machine is infected 5 times from that Source...
does this make sense and is this even possible?
Retrieving data ...