Which correlation search feature is used to throttle the creation of notable events?
Which correlation search feature is used to throttle the creation of notable events?
Window duration is the feature used in correlation searches to throttle the creation of notable events. This setting allows defining a period during which similar events are ignored, thereby preventing the creation of redundant events within that window of time.
C is correct
Throttling Window duration second(s) How much time to ignore other events that match the field values specified in Fields to group by. Fields to group by >>>> Copy from web UI <<<<<
Correct, the answer is C.
Windows duration - C is the correct answer