IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Threats_classifier filter plugin
- This plugin was created and is maintained by a partner.
- Change log
Installation
For plugins not bundled by default, it is easy to install by running bin/logstash-plugin install logstash-filter-threats_classifier. See Working with plugins for more details.
Description
This plugin uses the cyber-kill-chain and MITRE representation language to enrich security logs with information about the attacker’s intent—what the attacker is trying to achieve, who they are targeting, and how they plan to carry out the attack.
Documentation
Documentation for the filter-threats_classifier plugin is maintained by the creators.
Getting Help
This is a third-party plugin. For bugs or feature requests, open an issue in the plugins-filters-threats_classifier GitHub repo.