Hello, I'm curious if it is possible to use a CDB list for Active Response. I am making an active response to block IP addresses (firewall-drop) that trigger off from a set of rule IDs by specifying them on <rules_id> </rules_id>.
It got me thinking it would be easier to manage this if instead of explicitly editing the field in the config file whenever I need to add or remove a rule ID is if I could instead state said rule IDs in a CDB list where the active response script could automatically update or read from.