SIEM - Discuss the Elastic Stack

Topic	Replies	Views	Activity
SOAR for Elastic Capabilities	2	2244	August 14, 2019
Another Feature Request for SIEM	6	821	August 5, 2020
How to create a rule with aggregation elastic-stack-security	5	2800	May 4, 2021
Elastic SIEM for MSSP	7	2368	July 9, 2020
Shodan Integration	5	2710	April 29, 2020
SSH auth logs not visualized in Kibana	6	2457	June 16, 2020
Adding Fleet Server failed because “x509: certificate signed by unknown authority“ fleet	6	2425	February 27, 2023
Kibana -> Security -> elastic rules space issue elastic-stack-security	5	1415	June 19, 2022
FortiAnalyzer logs to SIEM	2	3553	August 15, 2019
Creating a case for an alert automatically	3	1659	February 24, 2022
Elastic SIEM - Detection Rules - Combination of Time-based, Threshold, Aggregation and Sequence Events	7	2052	March 5, 2021
Detection rule kquery will not trigger but the query match	4	1431	June 28, 2021
Drilling into Suricata data	5	2300	August 8, 2019
Failed Logins	4	2471	August 14, 2019
SIEM Zeek log data getting Error decoding JSON	4	2406	August 15, 2019
Unable to get rule triggered	7	1061	December 8, 2022
SIEM - Network scan	4	2373	August 19, 2022
Elastic pricing for on-premises deployment license	6	1937	May 6, 2024
Elastic Rule Connector sends a String instead of JSON to the Webhook elastic-stack-alerting	6	1925	October 6, 2022
Detection Rule Error detection-rules	6	1906	November 24, 2020
Host.hostname field bug	7	1762	July 29, 2019
Authentication fields used by SIEM vs ECS ecs-elastic-common-schema	4	1212	January 3, 2020
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate	2	2772	July 21, 2020
SIEM not ingesting Windows logs from servers	8	1585	July 31, 2019
Error receiving audit reply: no buffer space available	2	2713	December 30, 2019
Parsing message field from CEF logs	5	1912	April 5, 2022
Custom Rules not working elastic-stack-alerting	8	1560	January 13, 2021
Elastic SIEM integration with Ansible for Security Automation	4	2089	August 12, 2019
Auditbeat compared to Winlogbeat, Metricbeat	5	1905	September 16, 2020
SIEM does not show data	8	1549	May 21, 2020
Missing index .siem-signals-default	5	1893	April 4, 2022
Rules don't trigger and preview window is empty	7	1630	April 21, 2022
IP Watch List Functionality elastic-stack-alerting	7	1611	May 13, 2020
SIEM not detecting ASA success failure logins	6	1703	November 16, 2019
Detection Custom Rule not working elastic-stack-alerting , detection-rules	8	1490	May 27, 2021
Permission to read SIEM signal index elastic-stack-security	7	1570	July 8, 2020
Filebeat module's fields in SIEM columns	2	450	April 2, 2021
Looking for a list of "Out of the Box" Use Cases for Elastic SIEM	2	2513	October 11, 2021
Creating processor [set_security_user] (tag [null]) on field [_security] but authentication is not currently enabled elastic-stack-security	8	1441	July 25, 2022
SIEM Hosts / Networks and Data Not Showing Up	5	1729	March 18, 2020
SonicWall Firewall and SIEM or SNMP	2	2343	October 13, 2019
Normalizing the Huawei firewall logs	5	1655	July 11, 2023
Action export selected signals to csv	8	1348	February 26, 2021
Getting SIEM alerts through API	5	918	January 18, 2023
TheHIVE integration for SIEM Case Management	2	2306	December 27, 2019
Alerts on SIEM elastic-stack-alerting	3	630	January 24, 2023
Elastic Security Integeration with Huawei firewall	8	1327	February 11, 2022
Can I still use Threat Intelligence?	7	791	December 27, 2022
Kibana SIEM "External Alert"	4	1778	April 16, 2020
Multi-tenancy with Elastic SIEM detection rules	5	1617	September 10, 2020