Suppressions are specific conditions for when a signal should not be generated, which can improve the accuracy and relevance of the signals that are generated.
You can set up a suppression query within an individual detection rule, or define a separate suppression rule to suppress signals across one or more detection rules.
When you create or modify a detection rule, you can define a suppression query to prevent a signal from being generated. For example, add a rule query to determine when a detection rule triggers a security signal. You can also customize the suppression query to suppress signals for a specific attribute value.
Use suppression rules to set general suppression conditions across multiple detection rules instead of setting up suppression conditions for each individual detection rule. For example, you can set up a suppression rule to suppress any signal that contains a specific IP.
The suppression list provides a centralized and organized way for you to manage suppressions across multiple detection rules.
If the user `john.doe` is triggering a signal, but their actions are benign and you no longer want signals triggered from this user, input the log query: `@user.username:john.doe`.

Suppression rule queries are based on signal attributes.
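The two suppression scopes described above, as an added example (not Datadog's code or query engine): a simplified Python model that checks constructed signals against a suppression query inside one detection rule and against a separate suppression rule covering several. The rule names, the `@network.client.ip` attribute path, and the sample signals are assumptions, and only `key:value` terms are supported.

```python
# Added example: simplified model of suppression matching, not Datadog's query engine.
# Only space-separated key:value terms are supported, and every term must match.

def get_attr(signal, path):
    """Resolve a dotted path such as '@user.username' in a nested dict."""
    node = signal
    for part in path.lstrip("@").split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def matches(query, signal):
    """True when every key:value term equals the signal's attribute value."""
    for term in query.split():
        key, _, value = term.partition(":")
        found = get_attr(signal, key)
        if found is None or str(found) != value:
            return False
    return True

def suppression_reason(signal, rule_queries, suppression_rules):
    """Return why a signal is suppressed, or None if it should be generated."""
    # 1. Suppression query set inside the detection rule that fired.
    query = rule_queries.get(signal["rule"])
    if query and matches(query, signal):
        return f"rule query: {query}"
    # 2. Separate suppression rules, each covering one or more detection rules.
    for sup in suppression_rules:
        if signal["rule"] in sup["rules"] and matches(sup["query"], signal):
            return f"suppression rule: {sup['name']}"
    return None

def make_signal(rule, username, ip):
    return {"rule": rule, "user": {"username": username},
            "network": {"client": {"ip": ip}}}

# Constructed sample data: rule names, attribute paths and signals are hypothetical.
RULE_QUERIES = {"impossible_travel": "@user.username:john.doe"}
SUPPRESSION_RULES = [{"name": "known scanner IP",
                      "rules": {"brute_force_login", "impossible_travel"},
                      "query": "@network.client.ip:10.0.0.5"}]
SIGNALS = [make_signal("impossible_travel", "john.doe", "203.0.113.9"),
           make_signal("brute_force_login", "john.doe", "203.0.113.9"),
           make_signal("brute_force_login", "jane.roe", "10.0.0.5")]

def audit(signals=SIGNALS):
    return [suppression_reason(s, RULE_QUERIES, SUPPRESSION_RULES) for s in signals]
```

In this model the second signal is still generated: the `john.doe` query lives in a single detection rule, so it does not suppress that user's signals from other rules.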