| Zeek dns logs show only as zeek.notice leaving dns fields empty | 1 | 1011 | December 11, 2019 |
| Feature Request: Alert Assignment to user | 2 | 463 | September 30, 2020 |
| Aggregating Case Information | 5 | 580 | February 11, 2022 |
| Can I change the primary key for identifying hosts in the SIEM app? | 4 | 633 | September 1, 2020 |
| Unusual Process For a Windows Host (rare_process_by_host_windows_ecs) | 5 | 575 | July 29, 2021 |
| Rules in ElasticSIEM not create signals | 5 | 573 | May 14, 2020 |
| Siem anomaly detection prebuild jobs | 2 | 810 | January 30, 2020 |
| EQL rules do not work but see hits | 3 | 695 | March 14, 2022 |
| Aggregation facility in the detections rules tab? | 2 | 449 | July 3, 2020 |
| Auditbeat docker (7.4.2) starts and then terminates with no error | 2 | 784 | December 17, 2019 |
| Viewing Pinned Timeline Events | 2 | 782 | November 22, 2019 |
| Elastic Detection Actions - any way to add fields? | 2 | 438 | April 25, 2022 |
| Watch configuration (advance watch - Jason queries for cyber security) | 5 | 550 | August 31, 2021 |
| How to change query in SIEM | 3 | 672 | November 18, 2019 |
| Last Seen timestamp under Hosts section appears to be incorrect | 3 | 665 | August 8, 2019 |
| Integration of Kaspersky AV with the elastic SIEM | 5 | 542 | November 23, 2025 |
| Reporting email action failure from watcher - ELK7.8 | 3 | 662 | April 15, 2021 |
| Edit Telnet port Activity rule | 3 | 661 | April 19, 2021 |
| Update field on all SIEM detection Rules in one go | 6 | 498 | April 18, 2022 |
| Fielddata error preventing Authentications tab populating | 4 | 584 | October 2, 2019 |
| NetFlow Traffic from ASA | 2 | 741 | August 13, 2020 |
| Detection Rule Key Value Reference Url's | 6 | 485 | June 19, 2021 |
| Cloudflare integration Logpull not working | 3 | 634 | June 29, 2022 |
| Index patterns global and per rule? | 3 | 630 | November 24, 2020 |
| Opsgenie SIEM Case connector | 2 | 725 | January 19, 2021 |
| Detection Rule - Output of a aggregation bucket should match with other types of logs in the same index | 2 | 724 | February 2, 2022 |
| Security events and rules matching | 3 | 626 | August 23, 2022 |
| SIEM error new install | 2 | 715 | July 29, 2020 |
| SIEM Overview Page : Modify Security Settings Kibana | 5 | 505 | September 7, 2020 |
| Rules failing | 3 | 618 | January 15, 2024 |
| EQL library where | 2 | 711 | July 10, 2021 |
| Rule failure for Windows path exclusions? | 5 | 502 | January 6, 2021 |
| Multiple index search | 6 | 464 | May 1, 2023 |
| Auditing all Linux clients with centralised server | 4 | 548 | August 7, 2021 |
| Remove Ingest Processor | 1 | 482 | May 31, 2022 |
| Having SIEM read windows events from non-default index pattern | 3 | 606 | August 26, 2019 |
| SIEM feature request | 4 | 542 | December 8, 2020 |
| Zeek filebeat - HTTP and TLS events not fully populating | 4 | 542 | May 9, 2020 |
| Reduce duplicate signals/ alerts | 1 | 854 | September 26, 2021 |
| Conflict between ECS and SIEM authentication events visualization | 3 | 602 | February 26, 2020 |
| Detection not finding anything but same query finds them | 6 | 453 | March 27, 2021 |
| Elastic Search not work with evebox | 6 | 450 | April 11, 2024 |
| I want to enable the map which is present in SIEM app | 1 | 839 | January 6, 2020 |
| Create a rule to detect number of beats | 5 | 483 | May 26, 2021 |
| Signal SIEM Detections using log files | 5 | 483 | May 23, 2020 |
| SIEM > Detections will not setup | 2 | 681 | March 11, 2020 |
| SIEM Infrastructure design | 2 | 682 | October 28, 2019 |
| Customize Columns for SIEM Signals and External Alerts not persistent? | 4 | 527 | July 23, 2020 |
| Detection rules CLI | 3 | 589 | April 29, 2021 |
| Elastic SIEM cloud data storage location? Canadian Data Residency | 2 | 673 | October 31, 2022 |