-
A few users reported mapping errors on a few integrations. We suspect these problems may be related to integrations that migrated to ecs@mappings with recent updates.
Here is the list of fields with …
zmoog updated
23 hours ago
-
### Impacted tests
- TestAccSecurityCenterManagementOrganizationEventThreatDetectionCustomModule
### Affected Resource(s)
- google_scc_management_organization_event_threat_detection_custom_module…
-
**Describe the bug**
The IDEA0 format does not have all the options we need to report an alert correctly. In particular IDEA0 still wants each alert to have a Source and a Destination of the attack, w…
-
Our Windows integration (and Winlogbeat) supports the translation of Windows security identifiers (SIDs) within Windows events to an account name, thanks to the [translate_sid processor](https://www.…
-
A test failed on a tracked branch
```
AssertionError: Timed out retrying after 150000ms: Expected to find element: `[data-test-subj="expand-event"]`, but never found it.
at expandFirstAlert (webp…
```
-
## **Issue**:
The detection rule "Suspicious Web Browser Sensitive File Access" is currently configured to query the `logs-endpoint.events.file.*` indices, but it is a process-related rule and needs…
-
A test failed on a tracked branch
```
AssertionError: Timed out retrying after 150000ms: Expected to find element: `[data-test-subj="expand-event"]`, but never found it.
at expandFirstAlert (webp…
```
-
| Wazuh | Rev | Browser |
|-------|------|------------------------------|
| 4.9.0 | - | Chrome, Firefox, Safari, etc |

**Description**
Currently, the search bar has a loadi…
-
#2355 changed the primary user experience of Tracee to be event oriented (previously events were considered internal and hidden from the user). Therefore:
1. The event schema needs to be formalized a…
-
A test failed on a tracked branch
```
Error: expected 3 to sort of equal 1
at Assertion.assert (expect.js:100:11)
at Assertion.eql (expect.js:244:8)
at Context. (indicator_match.ts:1756:4…
```