This rule is not looking for threat activity. Disable the rule if you're already familiar with alerts.

Techniques

Sample rules

My First Rule

Description

This rule helps you test and practice using alerts with Elastic Security as you get set up. It’s not a sign of threat activity.

Detection logic

event.kind:event