Is it possible include the data from the log that a fired alert was triggered off of?
So for example, our web server creates a log where someone from a bad IP address is connecting in, that triggers an email alert to the admin team.
Later down the road, I want to see all fired alerts and generate a report that shows the time the alert was triggered and the IP address value that came from the original web server log.
But to be clear I need this to contain the fired alerts audit log so I know I'm comparing the real log from the web server and the corresponding fired alert