SIEM
Instance Start Use Cases
Grouped by
Detection Method
Match Alert
Aggregate Count
Blacklist Alert
Whitelist Alert
Levenshtein Score Alert
Rolling Whitelist Alert
Shannon Entropy Score Alert
Threshold Alert
Log Source Examples
Possible False Positives