blackout windows, where it can save an event when it matches and send us a match once its outside the blackout window.

attached a rulebook here that uses a node called blackout_windows with 3 child nodes start/end/trigger. The example shows a window of (20241029T10:11:11Z to 20241029T11:11:11Z) so if an event arrives in that window we should not fire it but rather save it till the window expires and then fire it. Also its possible that during the blackout window we might get multiple events so the trigger option indicates should we fire all events or only the last one. We would also have an option to disable or rather ignore the blackout window when processing via some configurable env var. The start and end can have any of the year, month, day, hour, minute, second empty in case you want things like every day between 10AM and 11AM is a blackout window or every Thursday between 00 and 24 hours is a black out window.

---
- name: 02 Debug
  hosts: all
  sources: 
    - name: range
      range: 
        limit: 5
  rules: 
    - name: r1
      condition: event.i == 1
      blackout_window: 
         start: 
           year: 2024
           month: 10
           date: 29
           hour: 10
           minute: 11
           seconds: 11
           tz: UTC
           weekday: ""
         end: 
           year: 2024
           month: 10
           date: 29
           hour: 11
           minute: 11
           seconds: 11
           tz: UTC
           weekday: ""
         trigger: all
      action: 
        debug: