How to filter alert display between addresses?

[lonelyadmin]

I'd like to not show alerts on the dashboard between two addresses, how can I do this?
I do not want to keep Suricata from generating alerts, I just want to not show any alerts between certain IP addresses. What is the filter syntax and where do I enter it? Am I able to save the filters?

[dougburks]

I'd like to not show alerts on the dashboard between two addresses, how can I do this?

Since you used the word dashboard, are you asking about SOC Dashboards (https://docs.securityonion.net/en/2.4/dashboards.html) or SOC Alerts (https://docs.securityonion.net/en/2.4/alerts.html)?

SOC Alerts is a simplified version of SOC Dashboards but you can toggle the Temporarily enable advanced interface features option to make it more like SOC Dashboards:
https://docs.securityonion.net/en/2.4/alerts.html#toggles

What is the filter syntax and where do I enter it?

https://docs.securityonion.net/en/2.4/dashboards.html#oql

Am I able to save the filters?

From https://docs.securityonion.net/en/2.4/dashboards.html#query-bar:
If you would like to save your own personal queries, you can bookmark them in your browser. If you would like to customize the default queries for all users, please see the SOC Customization section.

Specifically see https://docs.securityonion.net/en/2.4/soc-customization.html#custom-queries.