Issues: elastic/detection-rules
[Bug][DAC] Rule Threat Reference Fields Exported from Kibana Mismatch URL
bug
Something isn't working
detections-as-code
Team: TRADE
#3843
opened Jun 28, 2024 by
eric-forte-elastic
[Rule Tuning] Attempts to Brute Force a Microsoft 365 User Account
community
Rule: Tuning
tweaking or tuning an existing rule
#3838
opened Jun 27, 2024 by
ZsomborBenedek
[Bug] PowerShell Suspicious Discovery Related Windows API Functions - not file.path not working as expected.
bug
Something isn't working
community
#3837
opened Jun 27, 2024 by
BugOrFeature
[Bug] schema should not allow index and dataview
bug
Something isn't working
python
Internal python for the repository
test-suite
unit and other testing components
#3817
opened Jun 21, 2024 by
brokensound77
[Bug] Microsoft IIS Service Account Password Dumped doesn't match the command arg
bug
Something isn't working
#3807
opened Jun 20, 2024 by
fdartayre
[Rule Tuning] Suspicious Inter-Process Communication via Outlook
community
Rule: Tuning
tweaking or tuning an existing rule
#3803
opened Jun 19, 2024 by
ar3diu
[Meta] EvilNoVNC Threat Detection Coverage Assessment
Domain: Cloud
Domain: SaaS
Meta
Team: TRADE
#3787
opened Jun 13, 2024 by
terrancedejesus
[FR][DAC] Consideration: Add CLI commands for deprecate / disable rules
detections-as-code
enhancement
New feature or request
Team: TRADE
#3786
opened Jun 12, 2024 by
eric-forte-elastic
[FR][DAC] Consideration: Add support for exceptions APIs in Kibana module
detections-as-code
enhancement
New feature or request
kibana-module
related to the kibana module
#3785
opened Jun 12, 2024 by
brokensound77
[FR] Add API auth to Kibana module
enhancement
New feature or request
kibana-module
related to the kibana module
#3784
opened Jun 12, 2024 by
brokensound77
[Meta] Add Auth0 Prebuilt Threat Detection Ruleset
backlog
Meta
Team: TRADE
#3780
opened Jun 11, 2024 by
terrancedejesus
[Rule Tuning] O365 Exchange Suspicious Mailbox Right Delegation
backlog
community
Rule: Tuning
tweaking or tuning an existing rule
#3775
opened Jun 11, 2024 by
willemri
[FR] Revisit Filter Schema for Removal or Extension
backlog
enhancement
New feature or request
python
Internal python for the repository
schema
#3773
opened Jun 10, 2024 by
Mikaayenson
[Bug] Impossible Query not flagging the impossible travel activity / Any suggestions?
bug
Something isn't working
community
#3772
opened Jun 10, 2024 by
LeahK454
[New Rule] Suspicious Okta Cross-Origin Authentication
backlog
Domain: Cloud
Domain: SaaS
Integration: Okta
okta related rules
Rule: New
Proposal for new rule
#3769
opened Jun 10, 2024 by
terrancedejesus
[FR][DAC] Consideration: Add Directory Support for Custom Schemas
detections-as-code
enhancement
New feature or request
#3765
opened Jun 7, 2024 by
eric-forte-elastic
[Rule Tuning] LSASS Memory Dump Creation
community
Rule: Tuning
tweaking or tuning an existing rule
#3756
opened Jun 5, 2024 by
ar3diu
[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing
backlog
Integration: Okta
okta related rules
Meta
Team: TRADE
#3723
opened May 30, 2024 by
terrancedejesus
[Rule Tuning] Suspicious Web Browser Sensitive File Access
community
Rule: Tuning
tweaking or tuning an existing rule
#3721
opened May 30, 2024 by
ar3diu
[New Rule] Elastic Agent status not validated
Domain: Endpoint
esql
ES|QL
OS: Linux
OS: macOS
OS: Windows
windows related rules
Rule: New
Proposal for new rule
#3719
opened May 29, 2024 by
peasead
[New Rule] Process Backgrounded by Unusual Parent
OS: Linux
Rule: New
Proposal for new rule
Team: TRADE
#3713
opened May 27, 2024 by
Aegrah
[FR][DAC] Support CCS Index Patters with ECS Fields
detections-as-code
python
Internal python for the repository
Team: TRADE
#3708
opened May 23, 2024 by
eric-forte-elastic
[Rule Tuning] Add event.ingested to Analytic ML Package Rules
Rule: Tuning
tweaking or tuning an existing rule
test-suite
unit and other testing components
#3703
opened May 22, 2024 by
pantea-elastic
[Bug] O365 Exchange Suspicious Mailbox Right Delegation - False Positives for "NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)"
backlog
bug
Something isn't working
community
#3702
opened May 22, 2024 by
willem-dhaese
[FR][DAC] Update Handling Data Views from Kibana
detections-as-code
enhancement
New feature or request
python
Internal python for the repository
Team: TRADE
#3697
opened May 21, 2024 by
eric-forte-elastic