Hello All,
I am trying to make an IP Shun Rule for SW SEM, but am needing some advice/help. I am thinking rule is true when: NetworkAttackAlerts occured, Actions: Block IP Network Attack Alerts.Source Machine and send email to our IT group about the incident. I just started learning in SEM so any help would be greatly appreciated.