I would like to request adding some additional data to the alert emails: Attacker IP Address
In order for an alert to be really useful, I really need to assess whether the problem originated within a network I manage or not. Internal compromises are far more urgent and must be handled in a very different way than things that can be handled at the firewall.
Please add this functionality to alerts and client-side reports.
Thanks.