 Ruben Groenewoud
|
72a2b44db1
|
[Rule Tuning] Interval fix + Datastream values to ESQL Rules (#5413)
* [Rule Tuning] Interval fix + Datastream values to ESQL Rules
* Update persistence_web_server_potential_command_injection.toml
|
2025-12-05 16:42:52 +01:00 |
|
|
Ruben Groenewoud
|
e19ce18a40
|
[Rule Tunings] Misc. Web Server Rules (#5384)
|
2025-12-02 09:21:16 +01:00 |
|
|
shashank-elastic
|
5386345ca7
|
Add Investigation Guides for Rules (#5357)
|
2025-11-25 01:08:15 +05:30 |
|
|
Ruben Groenewoud
|
94ff4b0e3e
|
[New Rule] Web Server Potential Command Injection Request (#5341)
* [New Rule] Web Server Potential Command Injection Request
* Update variable names to use consistent casing
* Add 'Domain: Network' tag to command injection rule
* Update persistence_web_server_potential_command_injection.toml
* adding missing tags
* Update rules/cross-platform/persistence_web_server_potential_command_injection.toml
Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
* Update rules/cross-platform/persistence_web_server_potential_command_injection.toml
Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
---------
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
|
2025-11-25 00:11:28 +05:30 |
|