Alerting - White/Black lists

Hi,
Is there a way to implement white/black lists of users (maybe indexed in Elastic) and generate an alert if, for example, the count of "what you want" exceeds a value?

Thanks.

Hey,

Yes, take a look at alerting. You would need to generate a watch that gathers the information from a search query, checks in the condition if the threshold is exceeded, and then takes action like sending an email or a Slack message.

--Alex
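
A watch of the shape described in the reply above, as an added example that is not part of the original thread or Elastic's own code. It keeps the user list in a single document and filters on it with a terms lookup query, which is one way to do this; the index names, document id, field names, threshold and email address are all assumptions.

```console
# Constructed list document: index name, id and field are assumptions.
PUT user-lists/_doc/blacklist
{ "users": ["mallory", "svc-legacy"] }

# Watch: every 5 minutes, count recent events from listed users.
# auth-logs-*, user.name, the threshold of 10 and the address are placeholders.
PUT _watcher/watch/blacklisted-user-activity
{
  "trigger": { "schedule": { "interval": "5m" } },
  "input": {
    "search": {
      "request": {
        "indices": ["auth-logs-*"],
        "body": {
          "size": 0,
          "query": {
            "bool": {
              "filter": [
                { "range": { "@timestamp": { "gte": "now-5m" } } },
                { "terms": { "user.name": {
                    "index": "user-lists", "id": "blacklist", "path": "users" } } }
              ]
            }
          }
        }
      }
    }
  },
  "condition": {
    "compare": { "ctx.payload.hits.total": { "gt": 10 } }
  },
  "actions": {
    "notify_soc": {
      "email": {
        "to": "soc@example.com",
        "subject": "Listed-user activity above threshold",
        "body": "{{ctx.payload.hits.total}} events from listed users in the last 5 minutes."
      }
    }
  }
}
```

For a whitelist, move the `terms` clause into `must_not` so the count covers users who are not on the list. The lookup assumes `user.name` is a keyword field, and the email action needs an email account configured for Watcher.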
