elkserver/docker/redelk-base/redelkinstalldata/scripts/modules/alarm_httptraffic/module.py [119:129]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
            ip = get_value("_source.source.ip", not_enriched)
            if ip in ips:
                ips[ip].append(not_enriched)
            else:
                ips[ip] = [not_enriched]

        hits = []

        # Now we check if the IPs have already been alarmed in the past timeframe defined in the config
        # pylint: disable=invalid-name
        for ip, ip_val in ips.items():
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



elkserver/docker/redelk-base/redelkinstalldata/scripts/modules/enrich_greynoise/module.py [90:99]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
            ip = get_value("_source.source.ip", not_enriched)
            if ip in ips:
                ips[ip].append(not_enriched)
            else:
                ips[ip] = [not_enriched]

        hits = []
        # For each IP, get the greynoise data
        # pylint: disable=invalid-name
        for ip, ip_val in ips.items():
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -