Alert : "Remote Execution via File Shares"

Hello All,

We are very new to the Elastic Stack, We had an alert show up this morning for " Remote Execution via File Shares" However, I can not find any corresponding data to go with it. is it normal that this alert does not record a executable name or any hint of what ran? Just trying to learn.

Thanks in advance.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.