Long time listener, first time caller. There is a case where a packet reaches multiple sensors through normal configuration and is logged multiple times.
Understanding which sensors are operating and which network routes are up is useful from a data science / threat hunting perspective. From an analyst perspective these duplicate alerts are mostly clutter. Is there simple way to toggle out these duplicate alerts in the Alert UI? -Jack
