Issues: splunk/security_content
[BUG] Azure MFA failure detections logic flaw
bug
Something isn't working
#3134
opened Sep 19, 2024 by
0xC0FFEEEE
[community request] Update Ransomware Extensions Lookup
enhancement
New feature or request
#3131
opened Sep 17, 2024 by
ljstella
AppLocker Dashboard Issue - No Policy Review Data
bug
Something isn't working
#3021
opened Jun 22, 2024 by
matchstickboy
[BUG] Missing Wildcards in Splunk Rule for Detecting Known Services Killed by Ransomware
bug
Something isn't working
#2996
opened Apr 9, 2024 by
shimonShouei
Azure AD Multi-Source Failed Authentications Spike - Missing ADFSSignInLogs category
enhancement
New feature or request
#2980
opened Mar 20, 2024 by
atgithub11
[BUG] Linux Service Started Or Enabled triggering on Windows events
bug
Something isn't working
#2944
opened Jan 17, 2024 by
0xC0FFEEEE
pre trained Deep Learning models for ESCU - Support for DSDL Version 5.1.1
enhancement
New feature or request
#2939
opened Jan 9, 2024 by
atgithub11
[BUG] O365 Mailbox Inbox Folder Shared with All Users. Field "object" doesn't exist.
needs-more-info
#2937
opened Jan 2, 2024 by
atgithub11
[BUG] ESCU - Detect Excessive Account Lockouts From Endpoint
bug
Something isn't working
#2929
opened Dec 14, 2023 by
githubonlyy
[BUG] "Kerberos TGT Request Using RC4 Encryption" using non-CIM field "Account_Name"
bug
Something isn't working
#2920
opened Dec 1, 2023 by
iso-rgomez
Include tags.atomic_guid and tags.required_fields into ESCU
enhancement
New feature or request
#2904
opened Oct 30, 2023 by
ccl0utier
[BUG] ESCU CS fields LogonType and TargetUserName
bug
Something isn't working
#2869
opened Oct 2, 2023 by
cp-sn
[BUG] artifact_update custom function fails if cef_value passed is 0
bug
Something isn't working
#2821
opened Aug 22, 2023 by
ianwills-splunk
kubernetes detections to be ported to opentelemetry output because of EOS of sc4k
enhancement
New feature or request
#2679
opened May 17, 2023 by
hhgsplk
Include "Drilldown name and Search" in the detection template
4.0.0
Security Content 4.0.0
enhancement
New feature or request
#2385
opened Sep 23, 2022 by
gs3cl
TR-2335: Use of Incident Response/Review compatible fields in Correlation Searches
enhancement
New feature or request
#2319
opened Aug 9, 2022 by
beano500
Underscores in some Windows log based rules
bug
Something isn't working
#2312
opened Aug 2, 2022 by
alekwisnia
detect_new_local_admin_account.yml query update
bug
Something isn't working
#2073
opened Mar 8, 2022 by
TheLawsOfChaos