Update defaults.yaml

2025-12-07 17:52:46 +01:00 · 2024-05-23 08:19:43 -04:00
parent a8c287c491
commit 1e6161f89c
1 changed files with 1 additions and 1 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1482,7 +1482,7 @@ soc:
              showSubtitle: true
            - name: Elastalerts
              description: ''
-              query: '_type:elastalert | groupby rule.name'
+              query: 'event.dataset:sigma.alert | groupby rule.name'
              showSubtitle: true
            - name: Alerts
              description: Show all alerts grouped by alert source