Alert and connect mail format error
|
|
10
|
938
|
April 30, 2021
|
Calling Alerts from Watchers to detection Signals
|
|
15
|
774
|
October 29, 2020
|
Integration sophos Firewall with elastic
|
|
11
|
788
|
May 7, 2023
|
SIEM -- Event Columns (Only Default Category)
|
|
9
|
812
|
June 29, 2020
|
How many swap files are created when you update a text file
|
|
9
|
798
|
October 24, 2019
|
Threshold rule can't group by with source.ip but only with source.ip.keyword
|
|
11
|
702
|
December 6, 2022
|
Timeline Template not applied when Alert fires
|
|
9
|
635
|
May 10, 2022
|
Prebuilt ML jobs fail
|
|
10
|
602
|
May 18, 2020
|
DNS Check Malware
|
|
9
|
626
|
August 3, 2020
|
Problem with Detections - Custom query rule
|
|
10
|
591
|
September 8, 2022
|
Error activating rule (api key name is required)
|
|
9
|
595
|
January 6, 2022
|
Threat Intel and SIEM
|
|
3
|
3821
|
December 15, 2020
|
[ Creating new rule ]: ERROR Authentication using apikey failed - api key has been invalidated
|
|
5
|
7044
|
February 16, 2021
|
Elastic SIEM TheHive Integration
|
|
2
|
2169
|
September 7, 2021
|
Palo Alto [SIEM]
|
|
3
|
649
|
July 17, 2020
|
SIgma rules for Elastic SIEM
|
|
5
|
9283
|
May 1, 2021
|
Active Directory logs and mapping to ECS (I am stumped)
|
|
7
|
7361
|
November 11, 2019
|
Detecting inactive users in Active Directory
|
|
5
|
1249
|
January 25, 2023
|
Event Correlation on ELK
|
|
3
|
7276
|
September 23, 2019
|
Limit CPU/Memory usage in Auditbeat & Filebeats , version 7.9.0
|
|
8
|
4698
|
October 15, 2020
|
Multiple Different Clients
|
|
5
|
1651
|
February 1, 2021
|
SOAR for elk
|
|
3
|
4474
|
May 14, 2020
|
Seperate email alerts per detection?
|
|
3
|
436
|
June 14, 2022
|
Hosts duplicated with and without fqdn
|
|
7
|
1710
|
July 28, 2020
|
Fleet server agent unable to start- Connection refused
|
|
4
|
3846
|
November 4, 2021
|
Feature Request for more robust vector graphics (Vega not enough) so I can generate good looking network maps (non-geographic)
|
|
3
|
411
|
April 20, 2023
|
Unifi Ubiquity USG IPS Suricata Filebeat Logging
|
|
3
|
1159
|
June 11, 2020
|
Bulk indexing of signals failed in Kibana 7.10.2
|
|
8
|
2424
|
February 26, 2021
|
"path: /_security/api_key... api keys are not enabled" while loading prebuilt detection rules
|
|
4
|
3197
|
March 15, 2020
|
WHAT SIEM CAN DO?
|
|
4
|
994
|
September 10, 2020
|
SIEM feature request
|
|
5
|
491
|
October 29, 2020
|
Config alerts and actions email connector
|
|
8
|
2236
|
October 22, 2020
|
SOAR for Elastic Capabilities
|
|
2
|
2171
|
August 14, 2019
|
UEBA for elk
|
|
3
|
3330
|
April 10, 2020
|
Difference between source/destination and server/client
|
|
2
|
2131
|
September 13, 2019
|
Alert when an event is not followed by another
|
|
7
|
729
|
October 24, 2022
|
How to define time range in custom query rule in elasticsiem?
|
|
6
|
1357
|
April 20, 2021
|
Run Elastic detection rule in non real time logs
|
|
2
|
644
|
October 9, 2021
|
Best way to analyze Event Correlation Sequence detections
|
|
6
|
1323
|
January 4, 2023
|
Another Feature Request for SIEM
|
|
6
|
729
|
August 5, 2020
|
SIEM Threshold - unique values
|
|
6
|
1256
|
September 29, 2020
|
Hosts table : host.name (alias of beat.name) used instead of agent.hostname
|
|
2
|
3344
|
March 16, 2020
|
SSH auth logs not visualized in Kibana
|
|
6
|
2182
|
June 16, 2020
|
Elastic SIEM for MSSP
|
|
7
|
2035
|
July 9, 2020
|
Shodan Integration
|
|
5
|
2327
|
April 29, 2020
|
Security rules failing (timed out) all the time
|
|
6
|
2149
|
November 29, 2021
|
Graylog logs directed to Elastic SIEM
|
|
6
|
2076
|
June 29, 2020
|
How to create a rule with aggregation
|
|
5
|
2227
|
May 4, 2021
|
Detection rule: Failed login attempts
|
|
3
|
2627
|
June 30, 2021
|
Building block rules/use case
|
|
8
|
1749
|
December 8, 2020
|