SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
Elastic SIEM does not show the netflow data using filebeat	1	522	May 18, 2020
Detection Exception for Lenovo Temp Account Creation	1	521	September 5, 2024
Threshold rule	2	425	July 20, 2023
Sizing Parameters for deploying SIEM	1	517	May 14, 2020
Elastic agent log parsing	1	516	July 1, 2021
How to configure fleet server and enroll agents? fleet	2	421	October 11, 2022
Threshold Rule type - not able to send more than three field values in email action	2	420	February 4, 2022
"Run now" action for SIEM rule	2	420	December 22, 2020
Question on populating SIEM dashboard with winlogbeat data and Logstash	2	419	October 28, 2020
Journalbeat in Elastic SIEM	2	417	October 1, 2020
Assign Single Exception to Multiple Detection Rules detection-rules	2	416	August 13, 2021
AquaSec / TwistLock features for containers?	1	507	March 13, 2020
Elastic SIEM Fields Populate to JIRA Custom Fields elastic-stack-alerting	2	413	January 18, 2021
Feature request?	2	409	July 29, 2020
Simulation of Adobe Hijack	2	406	July 14, 2020
Detection Rule - Output of a aggregation bucket should match with other types of logs in the same index detection-rules	1	495	June 25, 2021
Windows 2019: elastic-agent and endpoint security elastic-agent	1	495	December 15, 2020
"Azure Excessive Signin Logs by Azure Identity" unusable azure.signinlogs.identity	2	403	May 10, 2021
Parse json file elastic-agent	1	491	July 13, 2022
Logstash and filebeat	2	400	June 18, 2021
Host.hostname field_data issue with SIEM and auditbeat	1	489	May 5, 2020
AWS VPC Flow Log integration	1	486	May 4, 2022
Common File for adding email address in SIEM Detection email action elastic-stack-alerting , detection-rules	2	396	September 26, 2021
Custom EQL Query where one event happened and another didnt eql-elastic-query-language	1	482	March 7, 2022
Eql query usage in watcher/siem detection rules elastic-stack-alerting	1	481	December 17, 2020
Elastic siem overview dashboard config	2	390	November 19, 2020
Panw module (Palo Alto) ingest reports Object Object.getClass() error because receiver is null	2	390	September 9, 2020
Detector field "beat.hostname" is not an aggregatable field	2	381	November 23, 2021
Value Lists as Exception in Threshold and Correlation type rules	2	380	May 11, 2021
Feedback: Cases	2	379	September 30, 2020
Machine learning use case - Anomaly Detection	7	232	August 7, 2025
Server send security events with WEF and in Authentication tab I don't found all accesses	1	463	March 12, 2020
Registering Wasabi as Snapshot repository for ECE cluster	2	377	September 11, 2023
Decentralised architecture with elastic SIEM	2	377	September 8, 2023
Ingesting from AWS & Azzure	2	376	December 8, 2020
Signal detection ML rule not working	1	458	September 19, 2020
Considerations about default terms agg for Elastic SIEM Detections histogram	2	373	July 13, 2020
How to discard specific event from storing or correlation in SIEM to save resources	2	371	June 3, 2021
EQL signal query return with error	2	371	March 25, 2021
Why `elastic-es-default-0` (which is the pod name for my Elasticsearch) becomes a "host"?	2	370	February 16, 2021
Correlation rules not working elastic-stack-alerting	1	453	May 22, 2021
Kibana Query Language summarize	5	263	December 23, 2024
The issue in a detection rule	3	318	October 18, 2023
Create a rule or alert to monitor when its not receiving logs by 24 hours?	2	365	September 18, 2023
Packetbeat Alerts	2	363	May 12, 2023
Detection rule CLI error	2	362	May 17, 2021
Orchestrate Elastic SIEM for training labs docker	3	313	March 27, 2024
SIEM - "All Hosts" Not showing Operating System	1	441	March 31, 2020
SIEM detection rule apply for difference time	2	360	October 23, 2020
Google Workspace integration - logs-sdk admin	2	356	December 14, 2023