-
threathunting_file_summary index is empty. Everything else works fine. It may be that a search is populating it, but I cannot find the search.
-
![image](https://github.com/olafhartong/ThreatHunting/assets/44870751/1dff6aaa-9a8c-4a6b-94cd-6f7d100dd5f5)
![image](https://github.com/olafhartong/ThreatHunting/assets/44870751/1a5594c7-a9a0-440f-92…
-
See https://github.com/elastic/kibana/issues/57370 for reasoning, but the gist is that `export *` usage leads to unexpected and excessive exports from the plugin, leading the public API to grow and in…
-
The "StackingTools > dns_stacking" view shows an error because the `dns_whitelist` macro is expecting the field `mitre_technique_id`:
```
[dns_whitelist]
definition = lookup dns_whitelist mitre_t…
```
-
![problem1](https://user-images.githubusercontent.com/52149838/201838962-d512878e-dff6-4125-b04b-a1ec2c306381.png)
splunk.version: 9.0.2
threathunting is downloaded from the Splunk app
![problem2](…
-
* Operating System Version:
* Deploying via (VirtualBox/VMWare/AWS/Azure/ESXi): AWS
* Vagrant Version (if applicable):
Please verify that you are building from an updated Master branch before f…
-
The "File created whitelist editor" view (file_create_whitelist.xml) doesn't work. Clicking on the "Submit" button doesn't add the entry, and the csv file `threathunting_file_create_whitelist.csv` sho…
-
We are getting a 404 error when we try to edit the macro to suit our organization's needs as per your instructions in the '**Required actions after deployment**' section. (https://YOURSPLUNK/en-US/manager/T…
-
https://github.com/jacobsoo/ThreatHunting/blob/master/Vietnam/1bc5a02963497fc74e265f11d809cd179fd46852b762e732f736ced12cad9077.md
Using default safebrowsing malleable profile for C2.
User Agent:…
-
Hi again,
I managed to deploy the lab on an ESXi 7.0.3 host running on an Intel NUC 11.
The only issue I have now is related to Splunk Threat Hunting App which shows zero threats all the time. I tri…