Good day team,
I am trying to create an alert for anti-spam; it is supposed to send an email to me if someone sends more than 10 emails in 5 minutes. However, I cannot make it work for some reason. Could you please help me with this?
This is the search I am using:
host="10.10.10.10" "email passed" NOT from="" NOT [email protected] | stats count by from name subject | where count >= 10
These are the alert settings:
Settings
Alert name: SPAM
Alert Type: Real-time
Trigger condition
Trigger alert when: Per-Result
Trigger actions
When triggered: Send email
Best regards.
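The rule described in the post (one sender, more than 10 passed emails inside 5 minutes) written out as a per-sender sliding-window count. This is an added example, not part of the original post and not Splunk code; the log line layout, the example.test addresses and the function names are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # window from the post
THRESHOLD = 10                  # alert on more than 10 messages

def parse_event(line):
    """Parse a constructed 'ISO-time key=value ...' line into (time, sender), or None."""
    ts, _, rest = line.partition(" ")
    if "email passed" not in rest:
        return None
    fields = dict(tok.split("=", 1) for tok in rest.split() if "=" in tok)
    sender = fields.get("from", "").strip('"')
    if not sender:                      # same intent as NOT from=""
        return None
    return datetime.fromisoformat(ts), sender

def find_bursts(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {sender: time at which the sender first exceeded threshold in window}."""
    recent = defaultdict(deque)         # sender -> timestamps still inside the window
    alerts = {}
    for when, sender in sorted(e for e in map(parse_event, lines) if e):
        q = recent[sender]
        q.append(when)
        while when - q[0] >= window:    # drop timestamps that have aged out
            q.popleft()
        if len(q) > threshold and sender not in alerts:
            alerts[sender] = when
    return alerts

def sample_lines():
    """Constructed sample data: one bursty sender, one slow sender, two ignored lines."""
    base = datetime(2024, 1, 1, 10, 0, 0)
    lines = []
    for i in range(11):                 # 11 messages, 20 s apart: inside 5 minutes
        t = (base + timedelta(seconds=20 * i)).isoformat()
        lines.append(f'{t} email passed from="bulk@example.test" subject="offer{i}"')
    for i in range(11):                 # 11 messages, 1 min apart: never >10 in 5 min
        t = (base + timedelta(minutes=i)).isoformat()
        lines.append(f'{t} email passed from="slow@example.test" subject="report"')
    lines.append(f'{base.isoformat()} email passed from="" subject="empty"')
    lines.append(f'{base.isoformat()} email rejected from="x@example.test"')
    return lines

if __name__ == "__main__":
    for sender, when in find_bursts(sample_lines()).items():
        print(f"ALERT {sender} exceeded {THRESHOLD} emails in 5 min at {when}")
```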