@david_smith1 Is there an update on this?
Hi Matt,
what is it you are trying to accomplish?
We have released custom detection rules in the interim yes, Custom Detection Rules | InsightIDR Documentation
these allow you to build thresholded rules that fire under conditions such as, alert me if any machine experiences X failed logins in Y minutes.
David