Skip to content

Issues: elastic/detection-rules

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

117 Open 1,409 Closed
117 Open 1,409 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

[FR] [DAC] Add exceptions list and action connector text to import-rules logging messages detections-as-code enhancement New feature or request Team: TRADE
#4092 opened Sep 19, 2024 by eric-forte-elastic
1
@eric-forte-elastic
[Bug] Dependency using a deprecated and removed module (pkg_resources) bug Something isn't working Team: TRADE
#4083 opened Sep 17, 2024 by brokensound77
1
Browser Extension Install - filters on wrong field community Rule: Tuning tweaking or tuning an existing rule Team: TRADE
#4059 opened Sep 6, 2024 by willemri
1
@w0rk3r
1
[New Rule] Google Sheets C2 Detection Review (Voldemort) Domain: Endpoint Domain: SaaS Integration: Endpoint Elastic Endpoint Security OS: Windows windows related rules Rule: New Proposal for new rule Team: TRADE
#4051 opened Sep 3, 2024 by terrancedejesus
@terrancedejesus
[FR] Unit test to check for related_integrations based on index backlog enhancement New feature or request Team: TRADE
#4046 opened Aug 29, 2024 by shashank-elastic
@shashank-elastic
4
[FR] Deprecate Experimental ML Logic backlog enhancement New feature or request Team: TRADE
#4023 opened Aug 27, 2024 by Mikaayenson
[FR] Redesign Filed Mapping Check for Integration Packages backlog enhancement New feature or request Team: TRADE
#4006 opened Aug 22, 2024 by shashank-elastic
@shashank-elastic
[Rule Tuning] Interactive Exec Command Launched Against A Running Container community Rule: Tuning tweaking or tuning an existing rule Team: TRADE
#3999 opened Aug 21, 2024 by damianfedeczko
@imays11
3
[FR][DAC] Consideration: Support Bulk Actions backlog detections-as-code enhancement New feature or request
#3962 opened Aug 6, 2024 by Mikaayenson
[Rule Tuning] Potential Password Spraying of Microsoft 365 User Accounts backlog community Rule: Tuning tweaking or tuning an existing rule Team: TRADE
#3934 opened Jul 31, 2024 by janniten
[Rule Tuning] Agent Spoofing - Multiple Hosts Using Same Agent backlog community Rule: Tuning tweaking or tuning an existing rule Team: TRADE
#3932 opened Jul 30, 2024 by tehbooom
[Deprecation] AWS EC2 Snapshot Activity backlog Domain: Cloud Integration: AWS AWS related rules Rule: Deprecation removal of a rule Team: TRADE
#3906 opened Jul 18, 2024 by imays11
@imays11
2
[FR] Generate Release Docs for deprecated Rules enhancement New feature or request stale 60 days of inactivity Team: TRADE
#3897 opened Jul 15, 2024 by shashank-elastic
@shashank-elastic
1
[Meta] Active Directory Certificate Services (AD CS) - Part 1 backlog Domain: Endpoint Meta OS: Windows windows related rules Team: TRADE
#3865 opened Jul 3, 2024 by w0rk3r
@w0rk3r
[Meta] EvilNoVNC Threat Detection Coverage Assessment backlog Domain: Cloud Domain: SaaS Meta Team: TRADE
#3787 opened Jun 13, 2024 by terrancedejesus
[FR][DAC] Consideration: Add CLI commands for deprecate / disable rules backlog detections-as-code enhancement New feature or request Team: TRADE
#3786 opened Jun 12, 2024 by eric-forte-elastic
1
[FR][DAC] Consideration: Add support for exceptions APIs in Kibana module backlog detections-as-code enhancement New feature or request kibana-module related to the kibana module
#3785 opened Jun 12, 2024 by brokensound77
[Meta] Add Auth0 Prebuilt Threat Detection Ruleset backlog Meta Team: TRADE
#3780 opened Jun 11, 2024 by terrancedejesus
@terrancedejesus
1
[Rule Tuning] O365 Exchange Suspicious Mailbox Right Delegation backlog community Rule: Tuning tweaking or tuning an existing rule
#3775 opened Jun 11, 2024 by willemri
@terrancedejesus
2
[FR] Revisit Filter Schema for Removal or Extension backlog enhancement New feature or request python Internal python for the repository schema
#3773 opened Jun 10, 2024 by Mikaayenson
[New Rule] Suspicious Okta Cross-Origin Authentication backlog Domain: Cloud Domain: SaaS Integration: Okta okta related rules Rule: New Proposal for new rule
#3769 opened Jun 10, 2024 by terrancedejesus
@terrancedejesus
3
[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing backlog Integration: Okta okta related rules Meta Team: TRADE
#3723 opened May 30, 2024 by terrancedejesus
@terrancedejesus
[New Rule] Elastic Agent status not validated backlog Domain: Endpoint esql ES|QL OS: Linux OS: macOS OS: Windows windows related rules Rule: New Proposal for new rule
#3719 opened May 29, 2024 by peasead
@peasead
4
[New Rule] Process Backgrounded by Unusual Parent backlog OS: Linux Rule: New Proposal for new rule Team: TRADE
#3713 opened May 27, 2024 by Aegrah
@Aegrah
[Bug] O365 Exchange Suspicious Mailbox Right Delegation - False Positives for "NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)" backlog bug Something isn't working community
#3702 opened May 22, 2024 by willem-dhaese
@terrancedejesus
ProTip! Updated in the last three days: updated:>2024-09-17.