Good afternoon Jai, I think that might be how the system currently behaves, if I am reading this post correctly:
hxxps://community.cloudera.com/t5/Support-Questions/Metron-Alerts-UI/td-p/198406 Cheers, Tom On 2020-04-03 21:46:29-07:00 Geeks Girls wrote: Hi, How can I control the log entry being pushed as alerts in alertsui? I configured bro device and using threat feed to find whether source IP is malicious or not. Only entries with malicious ip should be sent to the ui and now all entries are going to Metron alertsui.please help. -Jai
