search

olafhartong / ThreatHunting

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
MIT License
1.13k stars 177 forks source link

consistent dispatch.earliest_time = -15m@m #3

Closed fryguy04 closed 5 years ago

fryguy04 commented 5 years ago

some had -15 others had -15m@m (which I believe is more correct way of doing this)

olafhartong commented 5 years ago

Thanks for fixing this, sadly I've noticed this too late, also fixed this a few days ago. Appreciate the help!