-
**Describe the feature:**
Within the Security solution's Intelligence tab there should be a way to manually upload indicators to be added to the Threat Intel index pattern.
- The upload solution sh…
-
Hi,
Feature Request:
Email import and ingest CSV feeds attachment.
Summary:
We are receiving daily threat intel via email (intel feeds in CSV format) and it would be great to have this in…
-
## Description
#2777 broke the Threat Intel Indicator Match rule into individual rules by indicator type. After some discussion on that PR, it was suggested to also create a rule for email events. At…
-
Hello,
I've got the same problem using Filebeat threatintel module.
Here is my configuration from `filebeat.yml` (modules enabled: AbuseURL, AbuseMalware and misp):
```
# Module: threatint…
```
-
http://www.joelonsoftware.com/articles/fog0000000043.html
-
Hi!
feature request
thread-intel plugin is able to work with STIX/TAXII server
https://www.alienvault.com/blogs/security-essentials/otx-is-now-a-free-stix-taxii-server
created from my Ticket: #226…
dio99 updated
5 years ago
-
Similar to findings, alert updates should be done with locking to avoid duplicate alerts and to avoid updates of alerts from fan-out nodes failing due to concurrent updates.
-
Is this the expected output?
![Screenshot of Output](https://github.com/Cyb3rWard0g/IntelRAGU/assets/3387470/6f0c7cb9-dbf2-459d-a9f1-5ac03e26e1d4)
Great project, thanks for putting this together.…
-
A test failed on a tracked branch
```
AssertionError: Timed out retrying after 150000ms: Expected to find element: `[data-test-subj="expand-event"]`, but never found it.
at expandFirstAlert (webp…
```
-
**What is the bug?**
I only have access to `security-auditlog-*` indices in Select Index/Aliases in Configure logs scan
**How can one reproduce the bug?**
Steps to reproduce the behavior:
1. Go …