Adjust loopback for Cloudtrail (#1103)

* #1092 adjusting loopback for cloudtrail * refactored time interval, adjusted updated_date * reverting bucket interval back to 15m
2021-04-13 13:58:13 -04:00
parent a7bb15eaf7
commit 3876ef3a37
4 changed files with 8 additions and 8 deletions
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/07/13"
 maturity = "production"
-updated_date = "2021/03/03"
+updated_date = "2021/04/12"

 [rule]
 anomaly_threshold = 50
@@ -17,7 +17,7 @@ false_positives = [
    automation scripts or workflows, or changes to IAM privileges.
    """,
 ]
-from = "now-60m"
+from = "now-2h"
 interval = "15m"
 license = "Elastic License v2"
 machine_learning_job_id = "rare_error_code"
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/07/13"
 maturity = "production"
-updated_date = "2021/03/03"
+updated_date = "2021/04/12"

 [rule]
 anomaly_threshold = 50
@@ -18,7 +18,7 @@ false_positives = [
    adoption of work from home policies; or users who travel frequently.
    """,
 ]
-from = "now-60m"
+from = "now-2h"
 interval = "15m"
 license = "Elastic License v2"
 machine_learning_job_id = "rare_method_for_a_city"
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/07/13"
 maturity = "production"
-updated_date = "2021/03/03"
+updated_date = "2021/04/12"

 [rule]
 anomaly_threshold = 50
@@ -18,7 +18,7 @@ false_positives = [
    adoption of work from home policies; or users who travel frequently.
    """,
 ]
-from = "now-60m"
+from = "now-2h"
 interval = "15m"
 license = "Elastic License v2"
 machine_learning_job_id = "rare_method_for_a_country"
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/07/13"
 maturity = "production"
-updated_date = "2021/03/03"
+updated_date = "2021/04/12"

 [rule]
 anomaly_threshold = 75
@@ -17,7 +17,7 @@ false_positives = [
    automation scripts or workflows; adoption of new services; or changes in the way services are used.
    """,
 ]
-from = "now-60m"
+from = "now-2h"
 interval = "15m"
 license = "Elastic License v2"
 machine_learning_job_id = "rare_method_for_a_username"