-
**Describe the bug**
`aggregation condition` rule count does not show up in `Events with hits` (and `Top 5 computers`)
It's probably a similar cause to #1373, but I'll create a separate issue to ma…
-
# Sensor
## MIR detector
![image](https://user-images.githubusercontent.com/1320252/52174484-46bcc280-27cf-11e9-912d-8641b36b5b43.png)
![image](https://user-images.githubusercontent.com/1320252…
-
It's possible to gather some GPU information with vulkan, like memory available and memory usage: https://www.asawicki.info/news_1695_there_is_a_way_to_query_gpu_memory_usage_in_vulkan_-_use_dxgi
A…
-
Create an analyzer to tag suspicious PowerShell activity to detect things such as a base64 payload, usage of a pen testing framework such as PowerShell Empire, etc. The following presentation link giv…
-
@fukusuket Sorry I think this is going to be a difficult issue, but I think you will like it. 😉 Please let me know if you are interested in implementing it.
Right now, all of the unnamed `Data` fie…
-
**Describe the bug**
A clear and concise description of what the bug is.
Timestamps are not showing up when imported into Elasticsearch.
**Step to Reproduce**
Steps to reproduce the behavior:…
-
Recently, some Sigma rules are being uploaded without the `level` defined so they are `undefined` rules.
However, `--exclude-status` does not support disabling `undefined` rules so I would like to su…
-
When trying to use `Windows.Hayabusa.Rules` or some artifacts from `DetectRaptor.Windows.Detection.*` to create an offline collector, I get the error `ERROR client_repack: config file is too large t…
-
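Withdrawing the current notification feature for now, because it will be released after the following two features are built
- [ ] Fix the Slack display
- [ ] Do not send information that was detected in the previous run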
-
## What just happened?
Animesh trees rezzed on my land randomly vanish, and sometimes flicker rapidly visible/invisible. This is happening repeatedly, randomly, and often enough to make the trees unus…