Imagine the following szenario: You have a bigger infrastructure and you have different systems in that environment. Let's say you have different rule approaches to several subsets of systems (identified by IP addresses). And you like to manage this sets of systems in one place.
=> The problem for me currently is: List are not allowed in rules, which means when I have multiple rules that target a specific subset of systems I have to change each rule. Is it possible to centralize such system identifiers?
The current options that I figured out so far are the following:
- Maybe use building blocks and check for triggers
- Use the pipeline in order to tag systems
How do you do this for yourself?