sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Terrance DeJesus	deab1c0161	[Rule Tuning] Change event.dataset to data_stream.dataset (#5943 ) * [Rule Tuning] Change event.dataset to data_stream.dataset * updating ESQL field names	2026-04-10 12:27:52 -04:00
shashank-elastic	1ce072a4e5	Prep for Release 9.3 (#5548 )	2026-01-12 21:07:07 +05:30
Ruben Groenewoud	ee936cb154	[New Rule] Potential Password Spraying Attack via SSH (#5515 ) * [New Rule] Potential Password Spraying Attack via SSH * ++ * Update rules/linux/credential_access_potential_password_spraying_attack.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> * Update credential_access_potential_password_spraying_attack.toml * Update credential_access_potential_password_spraying_attack.toml * Change time bucket duration from 1 to 5 minutes --------- Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>	2026-01-08 13:43:52 +01:00

Author

SHA1

Message

Date

Terrance DeJesus

deab1c0161

[Rule Tuning] Change event.dataset to data_stream.dataset (#5943 )

* [Rule Tuning] Change event.dataset to data_stream.dataset

* updating ESQL field names

2026-04-10 12:27:52 -04:00

shashank-elastic

1ce072a4e5

Prep for Release 9.3 (#5548 )

2026-01-12 21:07:07 +05:30

Ruben Groenewoud

ee936cb154

[New Rule] Potential Password Spraying Attack via SSH (#5515 )

* [New Rule] Potential Password Spraying Attack via SSH

* ++

* Update rules/linux/credential_access_potential_password_spraying_attack.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update credential_access_potential_password_spraying_attack.toml

* Update credential_access_potential_password_spraying_attack.toml

* Change time bucket duration from 1 to 5 minutes

---------

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

2026-01-08 13:43:52 +01:00

3 Commits