Replies: 1 comment
-
|
This is not expected behavior. The first thing I would suggest is to upgrade to the latest version - there have been alot of fixes and improvements to Detections since .80. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Version
2.4.80
Installation Method
Security Onion ISO image
Description
configuration
Installation Type
Distributed
Location
on-prem with Internet access
Hardware Specs
Meets minimum requirements
CPU
16
RAM
512
Storage for /
100
Storage for /nsm
1tb
Network Traffic Collection
span port
Network Traffic Speeds
Less than 1Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
No, there are no failures
Logs
No, there are no additional clues
Detail
Hi team,
I would like to request some help with the security onion tunning interface of sigma rule, After I spend 3-month tunning the rule, it seems to reset everything of the core ruleset and put everything by default and the alert start triggering again, any suggestion.
Guidelines
Beta Was this translation helpful? Give feedback.
All reactions