InsightIDR

Event Sources All about InsightIDR event source management and configuration. Log Search Everything related to searching and visualizing your InsightIDR logs. Automation Discussions on InsightIDR automation and automation workflows used to extend and integrate the product. Alerts Topics related to managing and customizing InsightIDR alerts. API All about the InsightIDR API. Check out the InsightIDR API docs for investigations and threats and log search.

Topic	Replies	Views	Activity
About the InsightIDR category InsightIDR	2	75	June 5, 2020
Email InsightIDR reports to specific recipients InsightIDR	3	37	November 20, 2020
IOC Aging via TIP InsightIDR research	4	64	November 11, 2020
SAP Audit Logs Event Sources	7	200	November 9, 2020
Block user in AD from InsightIDR Automation InsightIDR_Disable_User_in_Active_Directory	3	195	November 5, 2020
Question on log search InsightIDR	8	116	October 27, 2020
Getting the Most Out of InsightIDR Universal Event Sources Event Sources	3	235	October 22, 2020
IDR Integration with Sigma / YARA for standardised log queries InsightIDR	2	48	October 22, 2020
Sysmon Log Collection InsightIDR	4	103	October 22, 2020
Is there a way to add in additional threatfeed sources - e.g. AlienvaultOTX? InsightIDR	5	120	October 19, 2020
Introducing the InsightIDR Detection Library! InsightIDR	2	139	October 15, 2020
Multiple groupby works great but InsightIDR	2	46	October 14, 2020
MVISION ePO and insightIDR integration Event Sources	3	60	September 29, 2020
Cisco AMP improvement? Event Sources	3	71	September 29, 2020
Multiple Organization Authentications - exclude specific account InsightIDR	3	59	September 24, 2020
Custom API Event Sources Event Sources	2	74	September 8, 2020
Extract all "Prefetch Cache" entries in JSON format InsightIDR	4	73	August 31, 2020
Using the API to upload Recorded Future IOCs to an IDR Custom Threat Feed InsightIDR recorded_future	1	292	August 20, 2020
Search for DNS activity which is not using UDP port 53 Log Search	1	67	August 17, 2020
Why is InsightIDR "Automation" so limited? Cannot edit/create playbooks Automation	3	229	August 13, 2020
Notable Behaviors InsightIDR	4	116	August 13, 2020
Filter Event Windows InsightIDR	3	82	August 4, 2020
Use a log search query to identify any LDAP communications Log Search	1	110	July 30, 2020
Selection of queries for working with DNS data Log Search	1	79	July 30, 2020
A selection of Network Flow queries for alerting on inbound applications Log Search	1	87	July 29, 2020
Better Email Alert Notificatoins Alerts	4	162	July 28, 2020
Email Headers from Office 365 InsightIDR	2	95	July 27, 2020
Connection Paths - Data Collection Management InsightIDR	5	118	July 17, 2020
Cisco ISE Logs Event Sources	18	543	July 8, 2020
Why is Microsoft Defender ATP plugin ONLY available in InsightConnect NOT InsightIDR? InsightIDR	5	189	June 26, 2020