Adding two alert in one

[praveens862]

Hi team,
I want to make an aler like if from an IP we get accept connection on firewall and within a certain time we get any suspicious activity on endpoint. It is possible in elastalert 2. Please help I have little bit knowledge of elastalert , so plz eloborate the process how I make this rule ,plz suggest.
Thankyou.

[BuffaloWill]

The alert command feature can script decisions based on an initial alert.