IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
- This plugin was created and is maintained by a partner.
- Change log
For plugins not bundled by default, it is easy to install by running bin/logstash-plugin install logstash-filter-threats_classifier. See Working with plugins for more details.
This plugin uses the cyber-kill-chain and MITRE representation language to enrich security logs with information about the attacker’s intent—what the attacker is trying to achieve, who they are targeting, and how they plan to carry out the attack.
Documentation for the filter-threats_classifier plugin is maintained by the creators.
This is a third-party plugin. For bugs or feature requests, open an issue in the plugins-filters-threats_classifier Github repo.