Hello community
I want to ask if there is any way to list the rules into a dashboard that uses a specific log_type (metadata.log_type) or in a search, maybe.
Thanks in advance
Page 1 / 1
Yes, in a dashboard referencing the detections dataset, for example, you can filter on detection.collection_elements.references.event.metadata.log_type or use that to show the log_type.
Ex.:
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.