V1D1AN

Results: 14 issues of V1D1AN

Hi community, with Kibana and Elastic SIEM you can create rules with a threshold. When I do: ``` ./sigmac -t es-rule --filter condition!=near -I -c config/generic/sysmon.yml -c config/winlogbeat-modules-enabled.yml --backend-config backend.yml...

# Cortex with Elasticsearch SSL ### Request Type Bug ### Work Environment | Question | Answer |---------------------------|-------------------- | OS version (server) | Cortex 3.1.1-1 | OS version (client) | W10...

Hi, have you developed a script to automatically generate the JSON file for the MITRE ATT&CK Navigator? Thanks

Hello, ee-outliers seems like a good project. Do you plan to add a "notifier" like "TheHive" or others? SMTP is the only possibility for the moment.

Hello, if I want to test SysmonSearch with NXLog and Logstash, must I change the winlogbeat.yml of Sigma to my nxlog.yml and change "collection_alert_data.py" and "collection_statistical_data.py"? Congratulations...

Hi blacktop. How can we monitor several interfaces at the same time? "Zeek -i" accepts only one interface. Thanks for your work :)

Hi everybody. Is it possible to integrate the plugin "capa" from the FLARE team? https://github.com/fireeye/capa Thanks to the stoQ team for your software :)

Hi Punch-Cyber team, I have tested the plugin redis-queue. Unfortunately nothing happens when I use it. My stoq.cfg: ``` [core] # What syntax should logs be generated as?...

### Description ### Versions - otx-misp: 1.4.3 - PyMISP: 2.4.121.1 - MISP: 2.4.121 - Python (Python 2 will not be supported): Python3 - Operating system: Ubuntu 18.04.4 LTS ### Traceback...

Hi, after many hours of debugging, I finally have MWDB working with Aurora. Now I have a problem: when I push a malware sample into MWDB, nothing appears in Aurora. I have...