We are trying to create a rule where in a session we look for 3 events. Typically, for example, a normal sequence of events has 4 events for a payment. We’ll call it event 1,2,3. So , we want to create an alert when event 1 occurs,event 2 does not occur but event 3 takes place. All for the same user. I’m trying to ensure that a event 2 has not taken place for 10 minutes after event 1 has taken place. But after that we detect event 3, while event 2 has not taken place. If these conditions are met, create an alert. I've tried a few options but they don;t seem to work. we are trying to optimize the rule in order to cut down on false positives. which options should I be using to build this rule? please assist
We are trying to create a rule where in a session we look for 3 events.
ReplyDeleteTypically, for example, a normal sequence of events has 4 events for a payment.
We’ll call it event 1,2,3. So , we want to create an alert when event 1 occurs,event 2 does not occur but event 3 takes place. All for the same user.
I’m trying to ensure that a event 2 has not taken place for 10 minutes after event 1 has taken place. But after that we detect event 3, while event 2 has not taken place. If these conditions are met, create an alert. I've tried a few options but they don;t seem to work. we are trying to optimize the rule in order to cut down on false positives. which options should I be using to build this rule? please assist