-
The "mitre_technique_id" drop-down on the "Whitelist Editor Pages" only shows "All (*)"
-
With the Sysmon log inputs.conf set to renderXML=0, events in the threathunting index do not have the field host_fqdn
-
The following configuration is missing in Olaf Hartong Threat Hunting App under
/opt/splunk/etc/apps/ThreatHunting/default/macros.conf:
[indextime]
definition = _index_earliest=-15m@m AND _index_…
-
There is a typo in the saved search **[T1197] BITS Jobs - Process:** bitsamin.exe
To correct, in default/savedsearches.conf, find
`[[T1197] BITS Jobs - Process]
action.email.useNSSubject = 1
ac…
-
Good morning Binder Team,
First of all, thank you very much for the amazing project you guys put together 🙏 🍻. One of my main goals when I started my career as a Cyber Security professional was to…
-
Please verify that you are building from an updated Master branch before filing an issue.
### Description of the issue:
Logger fails to build
### Link to Gist Containing Build Logs:
```
…
```
clong updated
4 years ago
-
https://splunkbase.splunk.com/app/4305/#/overview
clong updated
5 years ago
-
Issue:
Olaf's Threat Hunting App doesn't collect any data upon initial build.
Macros.conf & Indexes.conf are inconsistent with what - https://github.com/clong/DetectionLab/tree/master/Vagrant/resou…
-
Hi Olaf,
I'd just like to draw your attention to this; not sure if this is deliberate, but many of the techniques in "savedsearches.conf" are missing the following couple of lines
request.ui_dispatch_app = Th…
-
Hi there.
I've got the app up and running and think I've got it configured correctly. There is data in the threathunting index, but none of the data contains the event_description field, so the MITRE…