AI Example

Tony_Graham — Wed, 23 Apr 2025 15:26:26 GMT

Very interesting idea. I think in your example you are going to need additional checks or the notifications are going to get out of hand. Imagine an IPS attack coming from a block range of IP's, or even revolving IP's in the case of a botnet and receiving a notification for every hit. Probably also need the ability to do a sanity check and approve any newly created AI rule.

Re: AI Example

Tal_Ben_Bassat — Fri, 25 Apr 2025 07:03:18 GMT

Great point- and you're absolutely right!

To avoid alert fatigue, we’ve built in several ways to add smart conditions to the Log Trigger step.

For example, you can ask the AI to trigger only on consecutive attacks, or define conditions like:

Counting logs within a specific time frame
Counting distinct values (e.g., unique source IPs)
Suppressing repeated logs to avoid noise

We’ve also recently added a powerful new condition that lets you filter logs based on IP Geo-location, using fields directly from the logs.

I’ve attached a few screenshots below so you can see it in action.

And regarding newly created AI automations, users can review, re-generate, and fully edit the automation at any time before enabling it.

Thanks again for raising this - it's an important consideration!

Count logs - distinctSuppress logsCount logs - occurrences by fieldIP Geolocation - included/ excluded from specific countriesMany options for conditions on logs

topic Re: AI Example in Playblocks

AI Example

Re: AI Example