I am coming from an EdgeRouter so bare with me.
With the EdgeMax we could script and use CLI for some setup. Before I purchased the XR500 I was monitoring my EdgeRouter using PRTG and noticed a lot of probing from Russia and China which got me to think I need to just block those IP blocks. There is no "easy" way to do this in any interface but someone had written a script to do this, it was a lightweight and I set mine up to run every couple of days through a cron job.
Is there a way something like this could be implemented for NetDuma?
Here is the site we used in the script to get the Emerging Threat IP addresses.