Adjusting the baseline for SIEM sources not reporting.
E
Elijah Santiago
Ability for more granularity around the SIEM source not reporting escalation settings. Currently, SIEM sources need to report every hour for 7 days to establish a baseline before an alert will be created. Adding in the ability to customize the duration for that period to be shorter or longer would allow for finer tuning.
Misty Kaizen
We would really like to see this also
Nick Gusto
Agreed. This would greatly benefit many partners. Also, adding the ability to report on specific sources that are not reporting, instead of an "all or nothing" approach, would be useful.