Hi, I’m trying to build an alert using NRQL queries.
In the past few months, we’ve been getting DDOS attacks and the way we would fix those is to block the IP address and/or user agents of the offender.
I want to be able to create an alert querying those two things so that we can cut time in figuring out who is causing the issue.
Is this possible? If not, what are our alternatives?
I also want to be able to create an alert for when CPU usage spikes to a 100% for 30 minutes straight, but i see no where to do that currently.