[Alienvault] Filter indicator by created option

[rlynch-ironnet]

Use case

Several of the otxrobottwo feeds have started bundling pulses with what appears to be historical indicators in addition. This results in tons of duplicates and an ever-increasing queue, 100k+ messages every couple hours.

Current Workaround

We've had to disable the connector.

Proposed Solution

Each indicator within the pulse has a created field, if an option is added that can filter on this field based on the same pulse date that the pulses themselves are filtered on, a significant reduction takes place. INFO:root:Filtered 59591 total indicators past 2022-07-01 00:00:00 (10100 remaining)

Additional Information

If the feature request is approved, would you be willing to submit a PR?

Yes