server log [22:34:34.179] [debug][plugins][plugins][securitySolution][securitySolution] Lists filtered out 33 events name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] individual bulk process time took: 474.62 milliseconds
server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] took property says bulk took: 45 milliseconds
server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] created 67 signals name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [22:34:34.662] [debug][plugins][plugins][securitySolution][securitySolution] filteredEvents.hits.hits: 67 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule
server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] totalHits: 4737 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] searchResult.hit.hits.length: 100 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [01:11:26.990] [debug][plugins][plugins][securitySolution][securitySolution] valuesOfGivenType: [
"71.211.48.72",
"47.34.56.166",
"172.100.214.142",
"67.173.227.94",
"89.12.89.72",
"35.226.77.71",
"35.199.90.14",
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:128) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpack.security.authz.store.CompositeRolesStore.getRoles(CompositeRolesStore.java:275) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpack.security.authz.RBACEngine.getRoles(RBACEngine.java:132) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpack.security.authz.RBACEngine.resolveAuthorizationInfo(RBACEngine.java:120) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpack.security.authz.AuthorizationService.authorize(AuthorizationService.java:229) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.authorizeRequest(SecurityActionFilter.java:173) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
│ at org.elasticsearch.xpa
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server.     #
#                                            #
# This configuration can be used by multiple #
# clients, however each client should have   #
# its own cert and key files.                #
#                                            #
# On Windows, you might want to rename this  #
# file so it has a .ovpn extension           #
{"id":"9c21dfcc-6694-479d-b330-9bc984c1b880","updated_at":"2024-04-23T00:38:44.723Z","updated_by":"elastic_serverless","created_at":"2024-04-22T19:47:16.573Z","created_by":"elastic_serverless","name":"test","tags":[],"interval":"1m","enabled":false,"revision":9,"description":"test","risk_score":21,"severity":"low","license":"","output_index":"","meta":{"from":"500m","kibana_siem_app_url":"http://localhost:5601/app/security"},"author":[],"false_positives":[],"from":"now-30060s","rule_id":"a8419dbe-0fea-4602-ab98-cdbf74ff9ea6","max_signals":100,"risk_score_mapping":[],"severity_mapping":[],"threat":[],"to":"now","references":[],"version":1,"exceptions_list":[],"immutable":false,"related_integrations":[],"required_fields":[],"setup":"","type":"threat_match","language":"kuery","index":["high*"],"query":"*:*","filters":[],"threat_filters":[],"threat_query":"*:*","threat_mapping":[{"entries":[{"field":"host.name","type":"mapping","value":"host.name"},{"field":"container.id","type":"mapping","value":"container.id"},