Yes. Alerting frequency thresholds for raw events can be configured directly in the Alert Logic® console. Analysts suppress incidents to avoid duplicate notifications.