Hi
Let me explain for example we find a alert
but to hunt it down I want to know from start to end of that follow in which this event : alert was detected . How to do that what field should I track down in eve.json
Or i should go with ip and port only