Watch windows failed logins

How do i watch and alert when there is a number of authentication failed events within a period of time. Can somebody help me with the code? I am new to this.

can anybody help me with it?

Hi, thanks for your message.
Do you have a time-based elasticsearch index that contains this information?
If yes, did you create a dashbosard on top of it?

i have date based index. I didn’t create any dashboard. Do i have to create a dashboard or visual?

I am using elastalert at the moment for this scenario, but i wanted to do this with sentinl.

Can anyone please help me?