I am setting up custom alerts for my UDP VoIP operations. I have my threat conditions set up as follows:
Trigger Alert when all of the following apply
Node Status is not equal to Down
Node Status is not equal to Down
Trigger Alert when any of the following apply
field Operation Type is equal to VoIP UDP Jitter
Trigger Alert when any of the following apply
field Operation Status is equal to Warning
field Operation Status is equal to Critical
However, I am getting alerts for HTTP, FTP, and TCP Connects. I am going to use alert suppress to stop this, but are my rules correct?