Hello All,
We are very new to the Elastic Stack, We had an alert show up this morning for " Remote Execution via File Shares" However, I can not find any corresponding data to go with it. is it normal that this alert does not record a executable name or any hint of what ran? Just trying to learn.
Thanks in advance.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.