Mika Ayenson Mikaayenson

## Proposed Security Fields for LLM Threat Detection.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                Mikaayenson
                / Proposed Security Fields for LLM Threat Detection.md
            
            
              Last active
              May 2, 2024 03:48
            
          
Category
Field
Type
Description


General LLM Interaction Fields
gen_ai.prompt
text
The full text of the user's request to the gen_ai.


gen_ai.usage.prompt_tokens
integer
Number of tokens in the user's request.


|

  
## esql_ci_validation.yml
name: ES|QL Validation
on:
  push:
    branches:
      - main
  workflow_dispatch:
    inputs:
      target_branch:
        description: 'Target Detection Rules Branch (e.g. esql_testing)'
        required: true

## elastic_security_openapi_spec.yaml
openapi: 3.0.0
info:
  title: Elastic Security SIEM Signals API (https://www.elastic.co/guide/en/security/current/security-apis.html)
  version: 1.0.0
servers:
  - url: 'http://{kibana_host}:{port}'
paths:
  /api/detection_engine/index:
    summary: Signal index operations (used to store detection alerts)
    post:

## sample_chatgpt_security_use_case.py
import openai
import requests
import textwrap
import uuid

# pip3 install openai requests
# setup the API credentials
es_username = "<your username>"
es_password = "<your password>"
es_url = "https://localhost:9200"
Category	Field	Type	Description
General LLM Interaction Fields	gen_ai.prompt	text	The full text of the user's request to the gen_ai.
	gen_ai.usage.prompt_tokens	integer	Number of tokens in the user's request.
	name: ES\|QL Validation
	on:
	push:
	branches:
	- main
	workflow_dispatch:
	inputs:
	target_branch:
	description: 'Target Detection Rules Branch (e.g. esql_testing)'
	required: true
	openapi: 3.0.0
	info:
	title: Elastic Security SIEM Signals API (https://www.elastic.co/guide/en/security/current/security-apis.html)
	version: 1.0.0
	servers:
	- url: 'http://{kibana_host}:{port}'
	paths:
	/api/detection_engine/index:
	summary: Signal index operations (used to store detection alerts)
	post:
	import openai
	import requests
	import textwrap
	import uuid

	# pip3 install openai requests
	# setup the API credentials
	es_username = "<your username>"
	es_password = "<your password>"
	es_url = "https://localhost:9200"