I'm brand new to LEM and I'm struggling to create a rule that would send an email notification after X failed login attempts originate from the same source machine in Y seconds. Is anyone using LEM to combat password spraying attacks? We're a Windows shop with
↧