Can we get the Geo Location (Country) for the Remote IP Address for every security alert? This will help Administrators to understand from which country the threat is coming. Doing a IP Lookup every time and finding the country is a time consuming job and is painful when there are multiple such alerts are coming.
In scenario where an administrator starts getting several security alerts notifications for a specific country he can quickly take a decision to block the traffic for that country at perimeter level.
