IDH No alerts in Dashboard but alerts are in Kibana Opencanary Module #10176

JAEP2 · 2023-04-21T07:18:25Z

JAEP2
Apr 21, 2023

Dear All,

I activated PLAYBOOK after installation, I imported and activated the IDH rules in playbook

The IDH Alerts appear in Kibana in Opencanary module, but not appear on Main Alerts.

SO version 2.3.220.

What I can do to have the alerts in SOC Main Alerts menu?

Thanks in advanced

Kind Regards

JAEP2 · 2023-04-22T17:02:41Z

JAEP2
Apr 22, 2023
Author

Upgraded to 2.3.230 and still no alerts in Alerts, but IDH alerts are in event.module canary in Kibana, and Hunt.
I read all the IDH issues, and didn't find the problem.
Will be apreciated some clues to follow.

Kind regards

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

IDH No alerts in Dashboard but alerts are in Kibana Opencanary Module #10176

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

IDH No alerts in Dashboard but alerts are in Kibana Opencanary Module #10176

Uh oh!

JAEP2 Apr 21, 2023

Replies: 1 comment

Uh oh!

JAEP2 Apr 22, 2023 Author

JAEP2
Apr 21, 2023

JAEP2
Apr 22, 2023
Author