IOCs based Rules
129 views
Skip to first unread message
John Carry
Jul 5, 2023, 1:59:57 AM7/5/23
to Wazuh mailing list
Dear Wazuh Team,
Please provide us way to create IOCs based rules, for example what if we want to trigger rule for Hashes, IPs, File Names etc.
Please provide us way to create IOCs based rules, for example what if we want to trigger rule for Hashes, IPs, File Names etc.
Pacome Kemkeu
Jul 5, 2023, 4:05:02 AM7/5/23
to Wazuh mailing list
Hello John,
The following blog post have all the coverage for your request, kindly take a look:
I hope you find this helpful.
The following blog post have all the coverage for your request, kindly take a look:
- URLHaus: Detecting malicious URLs using Wazuh and URLhaus
- ABuseIPDB: Detecting known bad actors with Wazuh and AbuseIPDB
Building IoCs files for Threat Intel: build your own IoC files for threat intelligence with Wazuh XDR
I hope you find this helpful.
Reply all
Reply to author
Forward
0 new messages