Glad to hear you are liking the detection engine. This is a known issue with use of the network.direction field that is fixed in 7.61. The workaround is to duplicate the rule and remove the network.direction test. This issue is also discussed here: