This analytic rule monitors intrusion events in Cisco syslog data for the provided Signature ID. It creates an incident if that Signature ID is found in the specified time range.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Cisco SD-WAN |
| ID | 232a1c75-63fc-4c81-8b18-b4a739fccba8 |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess |
| Techniques | T1190, T1189 |
| Required Connectors | CiscoSDWAN |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
| Syslog | ✓ | ✓ | ? |