Hi team,Could someone please assist me with the native dashboard query for the Custom Curated Detection Dashboard? I’m looking to build the following: A table listing all curated rule sets along with their status — specifically indicating whether they are enabled, and whether each rule is precise vs. broad (for both detection and alerting categories). A table showing all curated rules that have fired, including an indicator of whether each is a detection-only event or an alert. Thanks in advance for your help

Question

curated detection custom dashboard

+8

Hi team,

Could someone please assist me with the native dashboard query for the Custom Curated Detection Dashboard? I’m looking to build the following:

A table listing all curated rule sets along with their status — specifically indicating whether they are enabled, and whether each rule is precise vs. broad (for both detection and alerting categories).
A table showing all curated rules that have fired, including an indicator of whether each is a detection-only event or an alert.

Thanks in advance for your help

+8

Here’s the version I used earlier — any suggestions for improvement?

How can I determine how many of the curated rules are detections versus alerts?