SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
Create a rule or alert to monitor when its not receiving logs by 24 hours?	2	330	September 18, 2023
How to give access to Security Cases of one Kibana Space to the users in another Kibana Space?	2	330	March 12, 2021
Different roles on different fields on different documents	2	328	September 7, 2020
SIEM News feed on securitySolution:enableNewsFeed(Advance Settings) is not working	1	400	February 18, 2022
GeoIP processing of detections detection-rules	1	398	January 19, 2021
Unable to seeing any of the “pew pew” lines on the Network tab in Elastic Security	1	397	February 10, 2022
SIEM Threshold Based Rules - Show several fields value	1	397	November 24, 2020
How to do to show field values in Kibana alert?	1	386	September 5, 2023
Logstash Output Dashboards	1	386	April 17, 2020
Enabled building block option on rule but still mamy tickets detection-rules	1	385	April 30, 2022
Event.action field for cloudTrail logs not being assigned event name when pulling cloud-trail logs using aws module	1	382	February 17, 2021
Aggregate alerts by a specific field and send a summary through an action for each field value encountered	1	381	December 6, 2023
Elastic SIEM Network Map Layers Issues	1	379	December 20, 2021
Detection Rules Triggered although ports are closed! detection-rules	1	379	April 1, 2021
Data not showing in SIEM, Fielddata is disabled on text fields by default	1	378	April 3, 2020
Google Workspace integration - logs-sdk admin	2	308	December 14, 2023
Trigering Alerts for Machine learning Jobs	3	148	August 1, 2024
Filebeat not picking up OSQUERY LOGS	1	372	October 18, 2020
Elastic Stack for SIEM(Elastic Security)	2	303	May 3, 2024
Can i configure Mikrotik Router in Elastic ELK?	1	366	September 18, 2023
Unable to seeing any lines (Host & Destination )on the Network tab in Elastic Security	1	359	February 23, 2022
Event analyzer showing error	1	359	June 14, 2022
File Integrity Monitor Missing Events	3	252	March 2, 2024
How to add client.ip to Alarm "stack by"?	2	288	May 10, 2022
Default email recipient address in email action in ELK7.8 Signals or 7.11 detections	2	288	March 24, 2021
Feedback for 100Gbit/s Elastic SIEM design (which includes Suricata)	1	352	December 7, 2021
Create backup siem server with same integration docker	1	344	June 14, 2022
Elastic Security - Host No longer logging Alert	1	339	August 31, 2023
Aggregate Logs based on Source IP	1	333	October 23, 2023
Cases as Metrics	1	333	August 10, 2021
Elastic SIEM	1	331	January 24, 2024
Adding alers to cases in bulk	2	150	June 12, 2024
Kibana Query Language summarize	5	188	December 23, 2024
Shiiping audit logs for DB with no connector available in Integrations	5	187	March 27, 2024
Siem Rule Duplication - Query Not Changed Despite Rule Edit	1	319	February 23, 2022
Wrong hosts last event elastic siem	1	317	August 30, 2021
How to integrate SCIM Server (Basic Auth) with SailPoint IIQ? curator	1	313	December 13, 2023
SIEM, Auditbeat Queries	1	313	October 20, 2020
Inserting Custom Logs Into Siem	1	308	September 1, 2023
Kibana SIEM application is not displaying proper AS and GeoIP fields	1	306	April 14, 2020
Aggregation of incoming events on common fields for SIEM usecase	1	304	May 20, 2020
SIEM Webhook	1	301	September 1, 2021
Detection rules: include Kibana visualization in email	1	298	December 12, 2023
Rules and connectors	1	296	July 19, 2023
Detection rule: Email CSV file as action	1	292	December 11, 2023
Machine learning use case - Anomaly Detection	7	145	August 7, 2025
Detection Exception for Lenovo Temp Account Creation	1	288	September 5, 2024
Preventing/identifying credit card breach in elastic using SIEM	1	287	July 25, 2023
Display log information	1	281	May 7, 2020
Security Events Filters vs. Ingest Node Pipelines ingest-pipeline	1	279	July 4, 2022