Hi, everyone
I would like to know whether it is possible to group several occurrences of the same alerts in Elastic Security.
For instance, we have configured a detection rule which has generated many alerts in a short period of time. I would like to group alerts with identical field values (source.ip, destination.ip, host.name, and so on).
Here is a screenshot:
Thanks in advance,
Rodrigo