Greetings,
I am not sure that I use right category so I am sorry in advance.
Is it possible to add exceptions to the rule using Detection as Code from Elastic directly in the rule file (.toml) without creating a Shared Exception list. I would appreciate any help and examples with this since I have no information regarding this topic.
Greetings!
Apologies for the delay here. I’m tracking down answers to a few questions on my end so that I can get you an accurate response. I’ll aim to get back to you by tomorrow (PST) morning latest. Thanks for your patience.
@proclick I was linked out to these docs - Frequently Asked Questions — DaC Reference 0.4.0 documentation
Please let us know if you have questions after reviewing the docs.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.