Trying to figure out how to ignore/filter/drop all events from a specific IP address. We have daily penetration testing that throws a lot of events that I don't care to see.
Any ideas?
