You can set a quick block to a maximum of 24 hours, and policy-based blocking can be set to a maximum of 9999 minutes.
Articles in this section
- Can Alert Logic scan for PAN data?
- Can I apply filters on network traffic?
- Can I suppress or summarize duplicate incident alerts?
- Do I need an Alert Logic appliance to collect threat traffic?
- How can I be alerted if one of my threat hosts or appliances stops sending traffic to Alert Logic?
- How does the Alert Logic agent respond if the host it is installed on has maxed out CPU and memory?
- How frequent and what size are the IDS signature updates that are sent to alert logic appliances?
- How long does Alert Logic keep event and incident data?
- How often does IDS content get updated?
- In which AWS regions is the Threat Manager AMI available?