Threat Hunting with Jupyter Notebooks – Part 1: Connect to Elasticsearch

So today I wanted to talk about threat hunting with Jupyter Notebooks. I will cover what a Jupyter Notebook is. I will also cover what Elasticsearch is, this will be where the data we analyze is located. We will look at how to connect to our Elasticsearch instance, get it formatted in a way that […]

Create Elastalert Rules with Sigma

Today I wanted to do a quick blog post on how to use the tool Sigma to create Elastalert rules, for alerting purposes for your Elastic Stack instance. Sigma So, first things first, what is Sigma? According to the official Github site, “Sigma is a generic and open signature format that allows you to describe […]