742253c61d
[Rule tuning] Revise rule description and other text ( #1398 )
...
(cherry picked from commit f8f643041a
2021-08-03 21:08:48 +00:00
3fc34b86f2
Update License to Elastic v2 ( #944 )
2021-03-03 22:12:11 -09:00
97ee8cc9ac
Refresh beats and ecs schemas and default to use latest to validate ( #570 )
...
* Refresh beats and ecs schemas and default to use latest to validate
* remove incorrect ecs_version from zoom rule
* remove stale ecs_version from rules
2020-12-01 13:24:20 -09:00
2065af89b1
[Rule Tuning] Tag Categorization Updates ( #380 )
...
* Add new categorization tags
* Change updated_date to 2020/10/26
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com >, @bm11100
2020-10-26 13:50:45 -05:00
92633ed51a
[New Rule] Anomalous Linux Compiler Activity ( #262 )
...
* Create ml_linux_anomalous_compiler_activity.toml
rule to accompany the rare compiler activity job
* Update ml_linux_anomalous_compiler_activity.toml
added fp field
* Update ml_linux_anomalous_compiler_activity.toml
* Update ml_linux_anomalous_compiler_activity.toml
* Update ml_linux_anomalous_compiler_activity.toml
2020-09-22 16:24:32 -04:00
Justin Ibarra