Create a Logical Alarm for Multiple Denied Entries
For this Rule, we will be taking a look at how to configure a Rule with some sort of counting mechanism. In this case, we will take a look at building a Rule that is triggered when a credential is denied 4 or more times within 30 seconds. This Rule is meant to show how counting criteria and a specific time interval can be used to alert people in real-time when a significant problem is detected. Please note, that ALL Complex Rules require at least one Simple Rule.