SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
Detection rule: Email CSV file as action	1	304	December 11, 2023
Preventing/identifying credit card breach in elastic using SIEM	1	301	July 25, 2023
Display log information	1	297	May 7, 2020
ServiceNow SecOps connector	1	290	December 28, 2023
Find exceptions in indices	1	289	October 6, 2021
Security Events Filters vs. Ingest Node Pipelines ingest-pipeline	1	286	July 4, 2022
Exceptions in rules through DaC	2	41	February 9, 2026
Filter Alerts by data_stream.namespace	1	280	October 19, 2023
Packetbeat 7.14.1 process.env not added to the document	1	278	October 6, 2021
Assign current user to acknowledged alert / Elastic Security painless	1	258	June 22, 2023
The suricata results shown on the [filebeat dashboard] are different from the results shown in the [security -> alerts] on kibana	2	206	October 29, 2024
Problem with security timelines for alias	1	252	October 25, 2023
EQL sequence detection on windows and cloudtrail	1	249	November 16, 2023
Elastic Security - what is the difference between adding something to the fleet, and a host / endpoint?	1	247	December 25, 2023
How to detect abnormal User behaviour (sequence of actions)	4	155	June 21, 2025
System Virtual Process Detection Rule	2	194	May 17, 2024
Elastic Security Threat Match rule	6	125	October 29, 2025
What Can I Do with Elastic SIEM Free Tier? (Capabilities and Limitations) license	2	184	November 27, 2025
Regarding Cross cluster replication	5	129	January 21, 2025
Detection Rules Integration Dependencies	5	125	November 13, 2024
Carbon Black Cloud: CEL alert_v7 400 bad request	6	113	October 25, 2024
Detecting inital of breach	2	168	July 9, 2024
Fortigate not listed under "Network events" in Security	4	128	August 21, 2025
Elastic Agent - Ship Windows logs for SIEM	1	198	May 2, 2024
Maximum Number of Cases Template on Elastic SIEM	3	141	August 21, 2025
Fleet server, policy, and integrations for Linux terminal	7	95	November 25, 2025
Elastic and AlienVault OTX integration	2	149	August 21, 2025
EQL Detection Rule issues	2	142	May 2, 2025
Elastic SIEM Detection Rules	2	140	December 10, 2024
How to import suricate.rules into SIEM deteciton rules?	2	140	October 29, 2024
Is there a way to correlate FortiGate logs?	2	134	August 17, 2025
Create Detection Rules via TF	1	162	May 21, 2024
Does Common Event Format (CEF) not allow a custom ingestion pipeline?	5	92	May 9, 2025
Correlation Query for spam email - not working	1	152	March 26, 2024
Cannot view alerted log in security alert	5	87	November 19, 2024
Notification from machine learning job per anomaly score	1	149	May 8, 2024
Sysmon registry logs don't get to elastic windows	1	146	March 19, 2025
Cef log with custom udp integration	5	84	June 19, 2025
Log Stoppage Monitoring	1	141	May 27, 2024
Share cases between spaces	1	140	May 9, 2024
Closing an alert in Elastic Security without using the GUI	1	131	April 21, 2025
Machine learning rules : where to apply the high_non_zero_count function	1	128	May 27, 2024
My low priority alerts are not showing in alerts?	2	105	September 2, 2024
After upgrading Elastic SIEM to version 8.17.2 a lot security alerts are not being displayed.	1	71	March 27, 2025
Security Case Data for Custom Dashboard	2	103	October 3, 2024
Versions of components used in elasticsearch:8.12.2 and 8.12.0 docker	1	117	July 17, 2024
O365 Logs - Single failed log in attempt multiple logs generated	3	76	October 27, 2025
Question About the ‘Supplied Configurations’ Section in Anomaly Detection for Time Series Data with Machine Learning on Elastic Cloud 8.17	5	61	January 30, 2025
Least-Privilege To View All Server Asset Sending Logs	1	105	June 5, 2024
FIM and Windows Updates Best Practices	1	102	October 9, 2024