Skip to content

Actions: elastic/detection-rules

Actions

Community

Actions

Loading...
Loading

Show workflow options

Create status badge

Loading
community.yml
838 workflow run results
838 workflow run results

Filter by Event

Filter by Status

Filter by Branch

Filter by Actor

[Rule Fix] PowerShell Kerberos Ticket Request Community #2617: Pull request #4148 opened by dan21san
October 10, 2024 13:44 11s
October 10, 2024 13:44 11s
[Rule Tuning] Add KEEP Command to all ES|QL Rules Community #2616: Pull request #4146 opened by terrancedejesus
October 9, 2024 23:33 13s
October 9, 2024 23:33 13s
[Rule Tuning] Remove Salesforce Client User-Agent Whitelisting in MFA Deactivation with no Re-Activation for Okta User Account Community #2615: Pull request #4145 opened by terrancedejesus
October 9, 2024 14:05 17s
October 9, 2024 14:05 17s
[Tuning] Suspicious DLL Loaded for Persistence or Privilege Escalation Community #2614: Pull request #4144 opened by Samirbous
October 9, 2024 09:12 11s
October 9, 2024 09:12 11s
[Meta] WMI Rules using Elastic Defend WMI Events Community #2613: Issue #4143 opened by Samirbous
October 8, 2024 15:56 14s
October 8, 2024 15:56 14s
Endpoint Security - Decrease max events to Kibana allowance of 1k Community #2612: Pull request #4142 opened by nicpenning
October 7, 2024 16:47 14s
October 7, 2024 16:47 14s
[New Rule] Successful Application SSO from Rare Unknown Client Device Community #2611: Pull request #4141 opened by terrancedejesus
October 7, 2024 14:36 21s
October 7, 2024 14:36 21s
Latest ECS & Beats schemas, Integration manifests & schemas Community #2610: Pull request #4140 opened by shashank-elastic
October 7, 2024 14:09 15s
October 7, 2024 14:09 15s
[Rule Tuning] Suspicious DLL Loaded for Persistence or Privilege Escalation Community #2609: Issue #4139 opened by joseph-coulter
October 3, 2024 19:12 14s
October 3, 2024 19:12 14s
[New Rule][BBR] A user logged into Slack from a new country Community #2608: Issue #4138 opened by brokensound77
October 3, 2024 17:19 11s
October 3, 2024 17:19 11s
[New Rule] A user has downloaded an excessive amount of files in Slack over a short period Community #2607: Issue #4137 opened by brokensound77
October 3, 2024 17:06 11s
October 3, 2024 17:06 11s
[New Rule] A user previewed multiple Slack rooms without joining in a short period Community #2606: Issue #4136 opened by brokensound77
October 3, 2024 16:01 10s
October 3, 2024 16:01 10s
[New Rule][BBR] A user previewed a Slack channel without joining Community #2605: Issue #4135 opened by brokensound77
October 3, 2024 15:51 12s
October 3, 2024 15:51 12s
[New Rule] Excessive apps installed in Slack over short duration Community #2604: Issue #4134 opened by brokensound77
October 3, 2024 15:21 13s
October 3, 2024 15:21 13s
[New Rule] An anomaly was detected with a Slack user Community #2603: Issue #4133 opened by brokensound77
October 3, 2024 14:58 11s
October 3, 2024 14:58 11s
[New Rule] Multiple self adds to Google Workspace user groups in short succession Community #2602: Issue #4132 opened by brokensound77
October 2, 2024 19:21 13s
October 2, 2024 19:21 13s
[New Rule] Multiple self adds to Google Workspace user groups in short succession Community #2601: Issue #4131 opened by brokensound77
October 2, 2024 19:21 14s
October 2, 2024 19:21 14s
[New Rule] Google Workspace User Group Access Modified to Allow External Access Community #2600: Issue #4130 opened by brokensound77
October 2, 2024 18:47 12s
October 2, 2024 18:47 12s
[New Rule] Multiple successive Google Workspace groups joined or requested to join in short succession Community #2599: Issue #4129 opened by brokensound77
October 2, 2024 18:42 8s
October 2, 2024 18:42 8s
[Rule Tuning] External User Added to Google Workspace Group Community #2598: Issue #4128 opened by brokensound77
October 2, 2024 18:36 10s
October 2, 2024 18:36 10s
[New Rule] Searches for sensitive files via Google Workspace Cloud Search Community #2597: Issue #4127 opened by brokensound77
October 2, 2024 18:18 10s
October 2, 2024 18:18 10s
[Rule Tuning] Add METADATA checks for non-aggregate ES|QL queries and fix existing Community #2596: Pull request #4126 opened by terrancedejesus
October 2, 2024 18:02 14s
October 2, 2024 18:02 14s
[New hunt] A sensitive canary file was accessed in Google Workspace Community #2595: Issue #4125 opened by brokensound77
October 2, 2024 17:11 10s
October 2, 2024 17:11 10s
[New hunt] All file activity by user and action in Google Workspace Community #2594: Issue #4124 opened by brokensound77
October 2, 2024 16:43 10s
October 2, 2024 16:43 10s
[New hunt] Sensitive file access by user in Google Workspace Community #2593: Issue #4123 opened by brokensound77
October 2, 2024 16:39 10s
October 2, 2024 16:39 10s