Regularly reviewing active alert filters is an important security hygiene practice, as alert filters can become irrelevant over time and create security flaws.
- Use the search filter to find rules that have active alert filters and make periodic reviews.
- Set an expiration date on an alert filter to mute the noise temporarily (e.g., 24h, 7 days) and facilitate the rules catalog maintenance.
- Check what was muted by an alert filter in the last 30 days and make an informed decision when reviewing it.