Hello,
Looking to get a filter created which will fall over into a rule that will detect any attempted logon to one of our adm accounts from an IP outside of the UK?
From my own thoughts this would involve me gaining a CSV list of UK IP addresses adding them to a user defined group *uk IP* and creating the rule to trigger if detection IP is not equal.
Anyone had experience doing something similar?