When I am creating triggers in IDR I do not see any custom detections rules I’ve created. Further, the list of detection rules to choose from is relatively short compared to everything seen in the Detection Rules tab. I’m fairly new to IDR/Connect Automation so there must be something I’m missing or not understanding?
Thanks,
Craig
Hi Craig,
when creating a trigger you would select IDR Detection Rule
Then you would select the data type for which your rule applies to, such as Raw Log
The you would find your Custom Rule in the List, you may need to search for it or skip to the final page - mine is called Testing Webhook
Once you select your Rule you can continue with the trigger details
David
