Hello,
Please let me know if there any option to configure recipient email address in a common file instead of configuring in each detection rules.
This is really difficult task to manually configure email address in each email action when we have more than 500 rules.
Thanks and regards
Hi @jancodenew ! You can use the Rules Update API to update an individual rule. The notable fields you'll want to provide are actions and throttle (and your rule's ID, of course). The corresponding Bulk Update API can similarly be used to update multiple rules at once.
I hope that helps! Cheers.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.