kql | Elastic-2.0 | from elastic/detection-rules

Unusual Discovery Signal Alert with Unusual Process Executable

Quality: 92
Rule source: rules/windows/discovery_signal_unusual_discovery_signal_proc_executable.toml
host.os.type:windows and event.kind:signal and kibana.alert.rule.rule_id:"1d72d014-e2ab-4707-b056-9b96abe7b511"