|
Add additional data source to SIEM dashboard
|
|
3
|
714
|
September 18, 2019
|
|
Adding a condition in detection engine
|
|
1
|
1008
|
April 10, 2020
|
|
Send Linux/Windows/NetworkDevices logs to Elastic SIEM
|
|
1
|
1002
|
June 26, 2020
|
|
Just a question about a siem rule filter
|
|
3
|
707
|
November 30, 2020
|
|
Can Someone Help me Configure Suricata Filebeat on elastic cloud?
|
|
1
|
998
|
November 21, 2019
|
|
Adding alers to cases in bulk
|
|
1
|
177
|
May 15, 2024
|
|
SIEM Event Correlation rule returns no data
|
|
3
|
702
|
December 17, 2021
|
|
Elastic Security Rule exception
|
|
1
|
991
|
March 22, 2022
|
|
PoC - Use ELK to aggregate multiple LogInsight Systems into one SOC
|
|
2
|
787
|
September 3, 2019
|
|
Can Elastic SIEM have a Group By feature in the Timelines?
|
|
4
|
605
|
May 15, 2020
|
|
Email Action for Detection Rule
|
|
2
|
781
|
April 15, 2021
|
|
EQL - Rule creation
|
|
1
|
535
|
August 31, 2022
|
|
Winlogbeat 7.9 not shipping logs in full ECS?
|
|
3
|
665
|
September 24, 2020
|
|
{{#context.alerts}} not showing up in markdown
|
|
2
|
767
|
June 16, 2021
|
|
Aggregating Case Information
|
|
4
|
594
|
January 14, 2022
|
|
Unusual Process For a Windows Host (rare_process_by_host_windows_ecs)
|
|
4
|
590
|
July 1, 2021
|
|
Rules in ElasticSIEM not create signals
|
|
4
|
584
|
April 16, 2020
|
|
Can I change the primary key for identifying hosts in the SIEM app?
|
|
3
|
645
|
August 4, 2020
|
|
Update detection rules from elastic github repository to on-premises
|
|
2
|
743
|
August 4, 2020
|
|
D365 cloud based solution
|
|
1
|
509
|
February 19, 2021
|
|
Watch configuration (advance watch - Jason queries for cyber security)
|
|
4
|
559
|
August 31, 2021
|
|
Unable to start audit beat
|
|
0
|
1240
|
November 27, 2019
|
|
EQL rules do not work but see hits
|
|
2
|
714
|
February 14, 2022
|
|
Multiple index search
|
|
5
|
503
|
April 3, 2023
|
|
Elastic SIEM - Adding more data
|
|
1
|
867
|
December 17, 2019
|
|
Detection Rule Key Value Reference Url's
|
|
5
|
496
|
May 22, 2021
|
|
Threat hunting with suricata, ElasticSecurity
|
|
1
|
857
|
May 17, 2021
|
|
Detection not finding anything but same query finds them
|
|
5
|
489
|
February 27, 2021
|
|
Fielddata error preventing Authentications tab populating
|
|
3
|
596
|
September 4, 2019
|
|
How to change query in SIEM
|
|
2
|
682
|
October 21, 2019
|
|
Elastic Search not work with evebox
|
|
5
|
477
|
March 14, 2024
|
|
Edit Telnet port Activity rule
|
|
2
|
673
|
March 22, 2021
|
|
Siem anomaly detection prebuild jobs
|
|
1
|
821
|
January 2, 2020
|
|
Last Seen timestamp under Hosts section appears to be incorrect
|
|
2
|
669
|
July 11, 2019
|
|
Reporting email action failure from watcher - ELK7.8
|
|
2
|
668
|
March 18, 2021
|
|
SIEM Overview Page : Modify Security Settings Kibana
|
|
4
|
516
|
August 10, 2020
|
|
Elastic Detection Actions - any way to add fields?
|
|
1
|
453
|
March 28, 2022
|
|
Rule failure for Windows path exclusions?
|
|
4
|
507
|
December 9, 2020
|
|
Viewing Pinned Timeline Events
|
|
1
|
795
|
October 25, 2019
|
|
Auditing all Linux clients with centralised server
|
|
3
|
562
|
July 10, 2021
|
|
Security events and rules matching
|
|
2
|
647
|
July 26, 2022
|
|
Cloudflare integration Logpull not working
|
|
2
|
647
|
June 1, 2022
|
|
Auditbeat docker (7.4.2) starts and then terminates with no error
|
|
1
|
790
|
November 26, 2019
|
|
SIEM feature request
|
|
3
|
556
|
November 10, 2020
|
|
Signal SIEM Detections using log files
|
|
4
|
497
|
April 25, 2020
|
|
Zeek filebeat - HTTP and TLS events not fully populating
|
|
3
|
551
|
April 11, 2020
|
|
Rules failing
|
|
2
|
636
|
December 18, 2023
|
|
Index patterns global and per rule?
|
|
2
|
635
|
October 27, 2020
|
|
Create a rule to detect number of beats
|
|
4
|
490
|
April 28, 2021
|
|
[SIEM] Authentications table doesn't show 'Last Success/Failed Source' column if only 'source.ip' is present
|
|
6
|
413
|
January 19, 2021
|