security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Security Content] Small tweaks on the setup guides (#3308)

Browse Source 
* [Security Content] Small tweaks on the setup guides

* Additional Fixes

* Avoid touching deprecated rules

(cherry picked from commit 458e67918a)
This commit is contained in:
Jonhnathan
2024-03-11 09:09:40 -03:00
committed by github-actions[bot]
parent aebe64a42b
commit 9101dfc064
477 changed files with 576 additions and 871 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/linux/execution_python_tty_shell.toml
+1 -2
View File
@@ -19,7 +19,7 @@ license = "Elastic License v2"
name = "Interactive Terminal Spawned via Python"
risk_score = 73
rule_id = "d76b02ef-fc95-4001-9297-01cb7412232f"
setup = """
setup = """## Setup
This rule requires data coming in from Elastic Defend.
@@ -43,7 +43,6 @@ For more details on Elastic Agent configuration settings, refer to the [helper g
- Click "Save and Continue".
- To complete the integration, select "Add Elastic Agent to your hosts" and continue to the next section to install the Elastic Agent on your hosts.
For more details on Elastic Defend refer to the [helper guide](https://www.elastic.co/guide/en/security/current/install-endpoint.html).
"""
severity = "high"
timestamp_override = "event.ingested"