| How to send email alert to groups based on condition success using Kibana Rules | 1 | 1043 | September 13, 2022 |
| Can Elastic SIEM have a Group By feature in the Timelines? | 5 | 598 | June 12, 2020 |
| Threat hunting with suricata, ElasticSecurity | 2 | 840 | June 14, 2021 |
| Feature Request: Alert Assignment to user | 2 | 468 | September 30, 2020 |
| Zeek dns logs show only as zeek.notice leaving dns fields empty | 1 | 1018 | December 11, 2019 |
| Aggregating Case Information | 5 | 586 | February 11, 2022 |
| Can I change the primary key for identifying hosts in the SIEM app? | 4 | 637 | September 1, 2020 |
| Rules in ElasticSIEM not create signals | 5 | 579 | May 14, 2020 |
| Unusual Process For a Windows Host (rare_process_by_host_windows_ecs) | 5 | 578 | July 29, 2021 |
| EQL rules do not work but see hits | 3 | 706 | March 14, 2022 |
| Siem anomaly detection prebuild jobs | 2 | 815 | January 30, 2020 |
| Aggregation facility in the detections rules tab? | 2 | 454 | July 3, 2020 |
| Elastic Detection Actions - any way to add fields? | 2 | 447 | April 25, 2022 |
| Auditbeat docker (7.4.2) starts and then terminates with no error | 2 | 785 | December 17, 2019 |
| Watch configuration (advance watch - Jason queries for cyber security) | 5 | 554 | August 31, 2021 |
| Viewing Pinned Timeline Events | 2 | 782 | November 22, 2019 |
| How to change query in SIEM | 3 | 675 | November 18, 2019 |
| Update field on all SIEM detection Rules in one go | 6 | 508 | April 18, 2022 |
| Reporting email action failure from watcher - ELK7.8 | 3 | 666 | April 15, 2021 |
| Last Seen timestamp under Hosts section appears to be incorrect | 3 | 665 | August 8, 2019 |
| Edit Telnet port Activity rule | 3 | 663 | April 19, 2021 |
| Fielddata error preventing Authentications tab populating | 4 | 593 | October 2, 2019 |
| NetFlow Traffic from ASA | 2 | 746 | August 13, 2020 |
| Detection Rule Key Value Reference Url's | 6 | 486 | June 19, 2021 |
| Cloudflare integration Logpull not working | 3 | 642 | June 29, 2022 |
| Security events and rules matching | 3 | 639 | August 23, 2022 |
| Detection not finding anything but same query finds them | 6 | 481 | March 27, 2021 |
| Index patterns global and per rule? | 3 | 635 | November 24, 2020 |
| Multiple index search | 6 | 480 | May 1, 2023 |
| SIEM Overview Page : Modify Security Settings Kibana | 5 | 515 | September 7, 2020 |
| Detection Rule - Output of a aggregation bucket should match with other types of logs in the same index | 2 | 728 | February 2, 2022 |
| Rules failing | 3 | 630 | January 15, 2024 |
| Opsgenie SIEM Case connector | 2 | 727 | January 19, 2021 |
| SIEM error new install | 2 | 721 | July 29, 2020 |
| Rule failure for Windows path exclusions? | 5 | 507 | January 6, 2021 |
| Auditing all Linux clients with centralised server | 4 | 552 | August 7, 2021 |
| EQL library where | 2 | 711 | July 10, 2021 |
| SIEM feature request | 4 | 549 | December 8, 2020 |
| Having SIEM read windows events from non-default index pattern | 3 | 613 | August 26, 2019 |
| Elastic Search not work with evebox | 6 | 461 | April 11, 2024 |
| Zeek filebeat - HTTP and TLS events not fully populating | 4 | 545 | May 9, 2020 |
| Conflict between ECS and SIEM authentication events visualization | 3 | 609 | February 26, 2020 |
| Remove Ingest Processor | 1 | 484 | May 31, 2022 |
| Reduce duplicate signals/ alerts | 1 | 859 | September 26, 2021 |
| Signal SIEM Detections using log files | 5 | 494 | May 23, 2020 |
| Detection rules CLI | 3 | 597 | April 29, 2021 |
| I want to enable the map which is present in SIEM app | 1 | 843 | January 6, 2020 |
| Customize Columns for SIEM Signals and External Alerts not persistent? | 4 | 533 | July 23, 2020 |
| SIEM Infrastructure design | 2 | 686 | October 28, 2019 |
| Create a rule to detect number of beats | 5 | 485 | May 26, 2021 |