Issues: splunk/security_content
Issues list
[BUG] Missing Wildcards in Splunk Rule for Detecting Known Services Killed by Ransomware
bug
Something isn't working
#2996
opened Apr 9, 2024 by
shimonShouei
[BUG] Detections with joins failed to properly translate to Sigma
bug
Something isn't working
#2987
opened Mar 29, 2024 by
ajkingio
Minor malicious_powershell_process___encoded_command search update
enhancement
New feature or request
#2982
opened Mar 20, 2024 by
SirDuckly
Azure AD Multi-Source Failed Authentications Spike - Missing ADFSSignInLogs category
enhancement
New feature or request
#2980
opened Mar 20, 2024 by
atgithub11
Scheduled Task Initiation on Remote Endpoint - Update Analytics
enhancement
New feature or request
#2977
opened Mar 10, 2024 by
Badoodish
[BUG] Datasource is set incorrectly on this detection
bug
Something isn't working
#2962
opened Feb 15, 2024 by
josehelps
[BUG] Linux Service Started Or Enabled triggering on Windows events
bug
Something isn't working
#2944
opened Jan 17, 2024 by
0xC0FFEEEE
pre trained Deep Learning models for ESCU - Support for DSDL Version 5.1.1
enhancement
New feature or request
#2939
opened Jan 9, 2024 by
atgithub11
[BUG] O365 Mailbox Inbox Folder Shared with All Users. Field "object" doesn't exist.
needs-more-info
#2937
opened Jan 2, 2024 by
atgithub11
[BUG] ESCU - Detect Excessive Account Lockouts From Endpoint
bug
Something isn't working
#2929
opened Dec 14, 2023 by
githubonlyy
[BUG] "Kerberos TGT Request Using RC4 Encryption" using non-CIM field "Account_Name"
bug
Something isn't working
#2920
opened Dec 1, 2023 by
iso-rgomez
Include tags.atomic_guid and tags.required_fields into ESCU
enhancement
New feature or request
#2904
opened Oct 30, 2023 by
ccl0utier
[BUG] ESCU CS fields LogonType and TargetUserName
bug
Something isn't working
#2869
opened Oct 2, 2023 by
cp-sn
[BUG] artifact_update custom function fails if cef_value passed is 0
bug
Something isn't working
#2821
opened Aug 22, 2023 by
ianwills-splunk
kubernetes detections to be ported to opentelemetry output because of EOS of sc4k
enhancement
New feature or request
#2679
opened May 17, 2023 by
hhgsplk
Include "Drilldown name and Search" in the detection template
4.0.0
Security Content 4.0.0
enhancement
New feature or request
#2385
opened Sep 23, 2022 by
gs3cl
TR-2335: Use of Incident Response/Review compatible fields in Correlation Searches
enhancement
New feature or request
#2319
opened Aug 9, 2022 by
beano500
Underscores in some Windows log based rules
bug
Something isn't working
#2312
opened Aug 2, 2022 by
alekwisnia
detect_new_local_admin_account.yml query update
bug
Something isn't working
#2073
opened Mar 8, 2022 by
TheLawsOfChaos