Real-time monitoring rule "Group member added by unauthorized personnel" may not fully meet end-u (4211149)

Real-time monitoring rule "Group member added by unauthorized personnel" does not allow for skipping alerts for certain members that are added to group. For example, we don't want to receive any alerts if we add user 'default_admin' to any security groups no matter who adds it.

Download attached text file. Open properties of the default rule 'Group member added by unauthorized personnel' and go to 'Matching>Advanced'. Replace existing rule definiton with the one copied from the attached file. Save changes and close script window. Now you can see the new field added to the list of parameters - 'Skipped_AddedMember'. Put username there that you don't wish to receive alerts whenever the user is added to security groups.