kql | Elastic-2.0 | from elastic/detection-rules

Multiple Alerts in Different ATT&CK Tactics on a Single Host

Quality: 92
Rule source: rules/cross-platform/multiple_alerts_different_tactics_host.toml
signal.rule.name:* and kibana.alert.rule.threat.tactic.id:*