Detecting Exploitation of CVE-2021-44228 (log4j2) with Elastic Security

Hi everyone,

I would like to check one thing with you: we use our corporate Elastic as a SIEM, using the security feature.

We have seen this blog about: Detecting Exploitation of CVE-2021-44228 (log4j2) with Elastic Security

We are using Filebeat and Winlogbeat to ingest into Elastic.

Do you know if it is possible for us to implement these detection rules, or does it need another feature to configure these rules?

Like Endpoint Security, Endgame, Auditbeat...
