Dean Luxton
# PR Summary There are 24 new detections, updates to 12 detections, and 5 new lookup files included in this PR. Also included a whole stack of AD centric detections...
Would we be able to update the list of security domains to something like this: access, anomaly, application, cloud, cti, email, endpoint, network, vulnerability, web?
Can we please update the sharing context? This wonderful app uses the knowledge objects, and I find myself updating the sharing permissions regularly. https://splunkbase.splunk.com/app/6286
## DL PR ## Updates to existing ESCU Detections ### detect_large_outbound_icmp_packets.yml - Added Risk Message - Updated Risk Object from dest to dest_ip - Added another risk object for src_ip...
Hey! Not sure if this is the right place to request this. But, there's a couple of things I'd be keen to have added to the web datamodel. ### http_content_type_length...
### 1. summaries_only macro missing from tstats search - this will help when folks accidentally submit a tstats based detection which directly references summariesonly=t - spent far too long to...