SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
Kibana SIEM Function: Failed to Parse Date field? (Epoch Time)	9	1169	August 25, 2020
Calling Alerts from Watchers to detection Signals	15	924	October 29, 2020
Fortinet.tmp.*	9	1168	April 14, 2021
SIEM Signals not triggering	11	1061	December 7, 2020
Fortigate Integrations	9	1111	October 10, 2024
Threshold rule can't group by with source.ip but only with source.ip.keyword	11	914	December 6, 2022
SIEM -- Event Columns (Only Default Category)	9	921	June 29, 2020
How many swap files are created when you update a text file	9	892	October 24, 2019
Problem with Detections - Custom query rule	10	849	September 8, 2022
Timeline Template not applied when Alert fires	9	845	May 10, 2022
DNS Check Malware	9	753	August 3, 2020
Error activating rule (api key name is required) elastic-stack-alerting , detection-rules	9	750	January 6, 2022
Prebuilt ML jobs fail elastic-stack-machine-learning	10	715	May 18, 2020
Threshold security rule	9	637	August 12, 2024
Firewall logs to different Datastream by type	23	340	May 22, 2025
Error in detection rule: Remote Computer Account DnsHostName Update	9	97	May 31, 2025
Threat Intel and SIEM	3	4429	December 15, 2020
[ Creating new rule ]: ERROR Authentication using apikey failed - api key has been invalidated elastic-stack-security , elastic-stack-alerting	5	9491	February 16, 2021
Elastic SIEM TheHive Integration	2	2532	September 7, 2021
Palo Alto [SIEM]	3	722	July 17, 2020
SIgma rules for Elastic SIEM	5	13059	May 1, 2021
Active Directory logs and mapping to ECS (I am stumped) ecs-elastic-common-schema	7	8680	November 11, 2019
Detecting inactive users in Active Directory elastic-stack-alerting	5	1777	January 25, 2023
Limit CPU/Memory usage in Auditbeat & Filebeats , version 7.9.0	8	5402	October 15, 2020
Event Correlation on ELK	3	7944	September 23, 2019
Multiple Different Clients	5	2018	February 1, 2021
Hosts table : host.name (alias of beat.name) used instead of agent.hostname	2	3942	March 16, 2020
Feature Request for more robust vector graphics (Vega not enough) so I can generate good looking network maps (non-geographic)	3	599	April 20, 2023
Best way to analyze Event Correlation Sequence detections elastic-stack-alerting , eql-elastic-query-language	6	2330	January 4, 2023
Seperate email alerts per detection? elastic-stack-security	3	532	June 14, 2022
Fleet server agent unable to start- Connection refused fleet	4	4649	November 4, 2021
Hosts duplicated with and without fqdn	7	1899	July 28, 2020
SOAR for elk	3	4640	May 14, 2020
Config alerts and actions email connector	8	2839	October 22, 2020
Unifi Ubiquity USG IPS Suricata Filebeat Logging	3	1338	June 11, 2020
SIEM feature request	5	595	October 29, 2020
WHAT SIEM CAN DO?	4	1157	September 10, 2020
How to define time range in custom query rule in elasticsiem?	6	1723	April 20, 2021
Alert when an event is not followed by another detection-rules	7	891	October 24, 2022
Bulk indexing of signals failed in Kibana 7.10.2	8	2652	February 26, 2021
Detection rule: Failed login attempts	3	3935	June 30, 2021
Building block rules/use case	8	2521	December 8, 2020
"path: /_security/api_key... api keys are not enabled" while loading prebuilt detection rules	4	3301	March 15, 2020
Difference between source/destination and server/client ecs-elastic-common-schema	2	2381	September 13, 2019
Run Elastic detection rule in non real time logs	2	743	October 9, 2021
Sending the alert JSON details using Webhook Connector	8	1353	May 9, 2024
Security rules failing (timed out) all the time detection-rules	6	2686	November 29, 2021
SIEM Threshold - unique values	6	1504	September 29, 2020
UEBA for elk	3	3469	April 10, 2020
Graylog logs directed to Elastic SIEM	6	2614	June 29, 2020