olafhartong/ThreatHunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
MIT License
1.12k stars, 175 forks
issues
Splunk Add on for Sysmon
#71
JBStudios
closed
3 years ago
2
Outpost security threathunting index macro
#70
OutpostSecurity
closed
3 years ago
0
whitelist dashboard updates
#69
OutpostSecurity
closed
3 years ago
1
Missing definitions in ./default/props.conf #55
#68
OutpostSecurity
closed
3 years ago
0
Updated match_types
#67
OutpostSecurity
closed
3 years ago
0
Eval command failing in props.conf #60 - Updated
#66
OutpostSecurity
closed
3 years ago
1
Update savedsearches.conf to address Issue #61 - missing double quote
#65
OutpostSecurity
closed
3 years ago
1
fixed missing ending quote
#64
fryguy04
closed
3 years ago
1
($exclude_technique$) AND ($exclude_host_fqdn$) Need to be removed to work
#63
kucster
closed
2 years ago
6
There is a bug when an escape character occurs in the User drilldowns
#62
Moofeng
opened
3 years ago
1
Unbalanced quote in T1003 Credential Dumping - Registry
#61
afxmac
closed
3 years ago
2
Eval command failing in props.conf
#60
Suirand1
closed
3 years ago
4
"Error in 'lookup' command: Could not find all of the specified lookup fields in the lookup table.". No actions executed"
#59
akjhhauyo956dhhv05
closed
3 years ago
0
Update required apps
#58
Karma1331
closed
2 years ago
1
Fix references to sysmoneventcodes
#57
clong
closed
3 years ago
2
Incorrect reference to sysmoneventcodes.csv in default/props.conf
#56
sebastiendamaye
closed
3 years ago
2
Missing definitions in ./default/props.conf
#55
sebastiendamaye
closed
3 years ago
7
Could not load lookup=LOOKUP-sysmoneventcode
#54
Moofeng
closed
3 years ago
3
Could not load lookup=LOOKUP-sysmoneventcode
#53
Moofeng
closed
3 years ago
1
Whitelisting is case sensitive
#52
afxmac
closed
2 years ago
1
source vs. sourcetype
#51
afxmac
closed
3 years ago
1
Still direct references to Windows index
#50
afxmac
closed
3 years ago
1
User field not translated
#49
francescouk
closed
3 years ago
1
Added parent_process_command_line to all the places I think it should
#48
whipped5000
opened
4 years ago
0
Conflict with Windows TA
#47
igorxo
closed
3 years ago
8
Splunk _internal error in lookup command
#46
mortf
closed
4 years ago
2
Correct "Could not load lookup=LOOKUP-eventcode" issue
#45
ZikyHD
closed
4 years ago
1
Queries not loading
#44
ssupernova
closed
3 years ago
3
Could not load lookup=LOOKUP-eventcode
#43
francescouk
closed
3 years ago
7
Confused getting data into the index "threathunting"
#42
Woodams
closed
4 years ago
0
process_parent_commandline whitelisting
#41
whipped5000
opened
4 years ago
2
Whitelisting not working after update
#40
whipped5000
closed
4 years ago
2
Whitelisting issue
#39
s0lari
closed
2 years ago
3
Stuck
#38
sulaimanbale
closed
2 years ago
23
threathunting Summary Index Macro
#37
billmurrin
closed
2 years ago
2
No matching visualization found for type: link_analysis, in app: link_analysis_app
#36
noobfromvn
closed
4 years ago
1
added missing character in saved search
#35
billmurrin
closed
4 years ago
1
Update to WMI Whitelist Macro
#34
billmurrin
closed
4 years ago
1
CSV Pack
#33
billmurrin
opened
4 years ago
4
Changes to make Splunk Cloud happy
#32
madcitygeek
closed
4 years ago
1
Question - Index not populating
#31
biz0b
closed
4 years ago
3
indextime
#30
anywhere98
closed
4 years ago
1
sysmon_schema_version
#29
anywhere98
closed
4 years ago
1
1.4.0 Whitelist changes?
#28
billmurrin
closed
4 years ago
2
Update Splunkbase version
#27
deadstick6
closed
4 years ago
2
Bug in Process Create whitelist editor
#26
70bb3
closed
5 years ago
3
Computer drilldown returns no events occasionally
#25
70bb3
closed
4 years ago
2
Splunkbase Cloud - Vetting Failed
#24
deadstick6
closed
5 years ago
5
fixes for the savedsearches
#23
aholzel
closed
1 year ago
4
Not all (Parent)Process drilldowns are fully working
#22
olafhartong
closed
4 years ago
0