Details
| ID | SplunkPy |
|---|---|
| Type | classification |
| Version | -1 |
| From Version | 6.0.0 |
| Default Incident Type | — |
| Feed | No |
Key Type Map
| Key | Incident Type |
|---|---|
Access - Brute Force Access Behavior Detected - Rule |
Access |
Access - Brute Force Access Behavior Detected Over 1d - Rule |
Access |
Access - Concurrent App Accesses - Rule |
Access |
Access - Excessive Failed Logins - Rule |
Access |
Access - High or Critical Priority Individual Logging into Infected Machine - Rule |
Access |
Endpoint - High Or Critical Priority Host With Malware - Rule |
Malware |
Threat - Suspicious Email - URL - Rule |
Phishing Alerts |