Skip to content

Commit 5f0509f

Browse files
w0rk3rw0rk3r
committed
Update discovery_potential_port_scan_detected.toml
1 parent 53e6d1f commit 5f0509f

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

rules/network/discovery_potential_port_scan_detected.toml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ connection attempts from a single internal source to a wide range of destination
1717
from = "now-9m"
1818
language = "esql"
1919
license = "Elastic License v2"
20+
max_signals = 5
2021
name = "Potential Network Scan Detected"
2122
risk_score = 21
2223
rule_id = "0171f283-ade7-4f87-9521-ac346c68cc9b"

0 commit comments

Comments
 (0)