### **Describe the bug** The Linux Service Started Or Enabled rule can trigger on Windows events. ### **Expected behavior** Rule does not trigger on events from Windows Sysmon ### **Screenshots**...
## Describe the bug Cortex Data > Splunk HEC event line breaks missing ## Expected behavior JSON events from Cortex are extracted correctly, broken by line breaks when using the...
Any chance you can build a new unraid docker image? All of my images are CR3 format RAW and I'm not able to put librephotos through its paces without this...
We've modified a couple of our Azure AD rules to use `local=true` as the ESCU searches fail on our cloud ES search head. After converting our savedsearches.conf search back to...
This PR adds support for importing updated searches from an existing savedsearches.conf. `contentctl -p import -c` For the sake of simplicity I opted to read the detection rules,...
**Important notices** Before you add a new report, we ask you kindly to acknowledge the following: - [x] I have read the contributing guidelines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md - [x] I...
**Is your feature request related to a problem? Please describe.** This is probably something that could be raised to the contentctl repo but it's probably more relevant to the content...
Both of the mentioned features assume that the repository exists in the same directory as the content, which may not be the case. They both currently appear to be using...
We have ~20 rules that call a webhook to our 3rd party automation platform in order to trigger various workflows. Webhook support would be awesome, and one less thing for...
I'd raise a PR to flesh out the current partial implementation if I could figure out how to do it... We use email actions on a handful of detections to...