Hi All,
Please help us, how to write the use cases for Network devices in SIEM.
Please share with me if have any example use cases format and we are not ware up on how to write the use cases.
thanks!
Solved
How to write a use cases for any network devices
+5Best answer by muniraja1
This is extremely broad and I'm not certain where you are looking to start. I would point out that @tameri posted a nice reference on using Zeek with search last week https://www.googlecloudcommunity.com/gc/SIEM-Forum/Chronicle-Search-Zeek-A-Quick-Reference/m-p/723556#M697 and we maintain a community rule set https://github.com/chronicle/detection-rules that contains examples that could be used as a starting point.
Thanks for the sharing links, now got it, how to write the use cases.
+22This is extremely broad and I'm not certain where you are looking to start. I would point out that @tameri posted a nice reference on using Zeek with search last week https://www.googlecloudcommunity.com/gc/SIEM-Forum/Chronicle-Search-Zeek-A-Quick-Reference/m-p/723556#M697 and we maintain a community rule set https://github.com/chronicle/detection-rules that contains examples that could be used as a starting point.
+5This is extremely broad and I'm not certain where you are looking to start. I would point out that @tameri posted a nice reference on using Zeek with search last week https://www.googlecloudcommunity.com/gc/SIEM-Forum/Chronicle-Search-Zeek-A-Quick-Reference/m-p/723556#M697 and we maintain a community rule set https://github.com/chronicle/detection-rules that contains examples that could be used as a starting point.
Thanks for the sharing links, now got it, how to write the use cases.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.