We have an external vulnerability scan service that runs periodically. When it does, I get thousands of e-mails from LEM about it. The service runs from a /20 network address block, so putting in individual IP addresses into the filter to disregard isn't feasible. Is there a way to put this address block into a Group so that I can include it in the rule so I don't get spammed every week? Thanks.
↧