Issues with SOF-ELK and Sigma rules

Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch

https://elastalert.readthedocs.org

Apache License 2.0

8k stars 1.73k forks source link

Issues with SOF-ELK and Sigma rules #3217

Open FrancescoFaenzi opened 3 years ago

FrancescoFaenzi commented 3 years ago

Hello we are having issues installing Elastalert with SOF-ELK. The goal is to run SIGMA rules on historical logs uploaded in SOF-ELK. Any clue / any experience?