Skip to content

[Feature Request] Add 'run rule' for time range option to the Security API #117557

New issue
New issue
Open
Open
[Feature Request] Add 'run rule' for time range option to the Security API#117557

Description

@jethr0null

jethr0null
openedon Nov 4, 2021

Describe the feature: As a user, I want the ability to run a rule for events that occurred between a specified starting date/time and ending date/time.

For Example:
Outage starts: 1200
Outage resolved: 1800
We need a capability to run all of our detection rules between any log events between 1200-1800

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    Feature:Detection RulesAnything related to Security Solution's Detection RulesTeam:Detection Rule ManagementSecurity Detection Rule Management TeamTeam:Detections and RespSecurity Detection Response TeamTheme: simp_prot_mgmtSecurity Solution Simplified Protection Management Theme

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions