InsightIDR

Event Sources All about InsightIDR event source management and configuration. Log Search Everything related to searching and visualizing your InsightIDR logs. API All about the InsightIDR API. Check out the InsightIDR API docs for investigations and threats and log search. Automation Discussions on InsightIDR automation and automation workflows used to extend and integrate the product. Alerts Topics related to managing and customizing InsightIDR alerts.

Topic	Replies	Views	Activity
About the InsightIDR category InsightIDR	2	84	June 5, 2020
Custom Alert Collection Alerts	3	81	January 15, 2021
Custom dasboard "Alerts by attack chain" Alerts InsightIDR	3	69	January 15, 2021
Why use InsightIDR when Windows Defender ATP is in place? InsightIDR	3	194	January 15, 2021
Microsoft Defender ATP Setup Event Sources microsoft_atp	2	54	January 13, 2021
Cloud environment without AD or LDAP InsightIDR	3	89	December 16, 2020
Insight IDR support ingesting logs that are .7z Event Sources	3	69	December 16, 2020
Single email address for IDR alerts Alerts	3	47	December 15, 2020
Countermeasures against stolen FireEye tools InsightIDR	3	160	December 10, 2020
Getting the Most Out of InsightIDR Universal Event Sources Event Sources	8	311	December 8, 2020
SAP Audit Logs Event Sources	8	300	December 8, 2020
Tracking down User lockout source InsightIDR	2	73	December 3, 2020
Email InsightIDR reports to specific recipients InsightIDR	3	51	November 20, 2020
IOC Aging via TIP InsightIDR research	4	102	November 11, 2020
Block user in AD from InsightIDR Automation InsightIDR_Disable_User_in_Active_Directory	3	244	November 5, 2020
Question on log search Log Search	8	148	October 27, 2020
IDR Integration with Sigma / YARA for standardised log queries InsightIDR	2	72	October 22, 2020
Sysmon Log Collection InsightIDR	4	158	October 22, 2020
Is there a way to add in additional threatfeed sources - e.g. AlienvaultOTX? InsightIDR	5	154	October 19, 2020
Introducing the InsightIDR Detection Library! InsightIDR	2	160	October 15, 2020
Multiple groupby works great but InsightIDR	2	52	October 14, 2020
MVISION ePO and insightIDR integration Event Sources	3	67	September 29, 2020
Cisco AMP improvement? Event Sources	3	97	September 29, 2020
Multiple Organization Authentications - exclude specific account InsightIDR	3	75	September 24, 2020
Custom API Event Sources Event Sources	2	83	September 8, 2020
Extract all "Prefetch Cache" entries in JSON format InsightIDR	4	102	August 31, 2020
Using the API to upload Recorded Future IOCs to an IDR Custom Threat Feed API recorded_future	1	372	August 20, 2020
Search for DNS activity which is not using UDP port 53 Log Search	1	84	August 17, 2020
Why is InsightIDR "Automation" so limited? Cannot edit/create playbooks Automation	3	263	August 13, 2020
Notable Behaviors InsightIDR	4	153	August 13, 2020