How i "connect" my detect rules with my events on External alert trend?
My detect rules are those i load from the system.
Hi @VitorBarroso, you can follow the steps in our documentation to create detection rules configured to look for external event data. For example, you could create a "Custom Query" rule that searches for source data matching event.kind: "alert". Typically, events that appear in the External alert trend graph have an "event.kind" value of "alert".