I want to create a custom alert/escalation based on SIEM queries, e.g, using SIEM queries to create an alert/escalation when specific accounts are logged into, without using the scheduled reports