SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
Detection rule: Email CSV file as action	1	311	December 11, 2023
Rules and connectors	1	311	July 19, 2023
Detection rules: include Kibana visualization in email	1	309	December 12, 2023
Preventing/identifying credit card breach in elastic using SIEM	1	302	July 25, 2023
Display log information	1	298	May 7, 2020
ServiceNow SecOps connector	1	290	December 28, 2023
Find exceptions in indices	1	289	October 6, 2021
Filter Alerts by data_stream.namespace	1	287	October 19, 2023
Security Events Filters vs. Ingest Node Pipelines ingest-pipeline	1	286	July 4, 2022
Packetbeat 7.14.1 process.env not added to the document	1	281	October 6, 2021
Elastic Security Threat Match rule	6	147	October 29, 2025
The suricata results shown on the [filebeat dashboard] are different from the results shown in the [security -> alerts] on kibana	2	223	October 29, 2024
Assign current user to acknowledged alert / Elastic Security painless	1	261	June 22, 2023
Elastic Security - what is the difference between adding something to the fleet, and a host / endpoint?	1	256	December 25, 2023
Maximum Number of Cases Template on Elastic SIEM	3	181	August 21, 2025
Regarding Cross cluster replication	5	147	January 21, 2025
How to detect abnormal User behaviour (sequence of actions)	4	161	June 21, 2025
Problem with security timelines for alias	1	254	October 25, 2023
EQL sequence detection on windows and cloudtrail	1	249	November 16, 2023
Detection Rules Integration Dependencies	5	143	November 13, 2024
System Virtual Process Detection Rule	2	196	May 17, 2024
Fleet server, policy, and integrations for Linux terminal	7	114	November 25, 2025
Carbon Black Cloud: CEL alert_v7 400 bad request	6	121	October 25, 2024
Fortigate not listed under "Network events" in Security	4	134	August 21, 2025
Detecting inital of breach	2	171	July 9, 2024
Elastic Agent - Ship Windows logs for SIEM	1	201	May 2, 2024
Elastic and AlienVault OTX integration	2	162	August 21, 2025
Elastic SIEM Detection Rules	2	158	December 10, 2024
EQL Detection Rule issues	2	156	May 2, 2025
Cannot view alerted log in security alert	5	110	November 19, 2024
How to import suricate.rules into SIEM deteciton rules?	2	152	October 29, 2024
Is there a way to correlate FortiGate logs?	2	149	August 17, 2025
Does Common Event Format (CEF) not allow a custom ingestion pipeline?	5	103	May 9, 2025
Elastic - MISP Integration shows total Indicators ( fortigate logs) painless	6	94	March 24, 2026
Create Detection Rules via TF	1	167	May 21, 2024
Cef log with custom udp integration	5	94	June 19, 2025
Sysmon registry logs don't get to elastic windows	1	163	March 19, 2025
Correlation Query for spam email - not working	1	156	March 26, 2024
Exceptions in rules through DaC	3	61	March 9, 2026
Notification from machine learning job per anomaly score	1	153	May 8, 2024
Closing an alert in Elastic Security without using the GUI	1	152	April 21, 2025
Security Case Data for Custom Dashboard	2	123	October 3, 2024
Log Stoppage Monitoring	1	144	May 27, 2024
After upgrading Elastic SIEM to version 8.17.2 a lot security alerts are not being displayed.	1	80	March 27, 2025
My low priority alerts are not showing in alerts?	2	118	September 2, 2024
Share cases between spaces	1	142	May 9, 2024
Machine learning rules : where to apply the high_non_zero_count function	1	131	May 27, 2024
Unable to source and feed in the correct information in src country	6	68	September 1, 2024
System requirements for Elastic Security "All-in-One" pilot deployment	4	79	May 1, 2026
Versions of components used in elasticsearch:8.12.2 and 8.12.0 docker	1	121	July 17, 2024