Elastic × Kubernetes Audit
Production-ready Sigma rules generated by CloudSigma for the Kubernetes Audit schema.
Last reviewed:
11 SIEM × log-source combinations published in this batch. Every rule is generated and validated by CloudSigma; convert in-app to your specific dialect.
01. 7 rules covering ATT&CK techniques on the Kubernetes Audit schema (7 pages).
02. 7 rules covering ATT&CK techniques on the Linux auditd schema (7 pages).
03. 26 rules covering ATT&CK techniques on the GCP Audit Logs schema (26 pages).
04. 27 rules covering ATT&CK techniques on the Azure Activity schema (27 pages).
05. 5 rules covering ATT&CK techniques on the Entra ID Audit schema (5 pages).
06. 4 rules covering ATT&CK techniques on the Entra ID Sign-in schema (4 pages).
07. 26 rules covering ATT&CK techniques on the AWS CloudTrail schema (26 pages).
08. 9 rules covering ATT&CK techniques on the ModSecurity schema (9 pages).
09. 7 rules covering ATT&CK techniques on the Okta System Log schema (7 pages).
10. 3 rules covering ATT&CK techniques on the Windows Security schema (3 pages).
11. 5 rules covering ATT&CK techniques on the Windows Sysmon schema (5 pages).
Production-ready Sigma rules generated by CloudSigma for the Kubernetes Audit schema.
Production-ready Sigma rules generated by CloudSigma for the Linux auditd schema.
Production-ready Sigma rules generated by CloudSigma for the GCP Audit Logs schema.
Production-ready Sigma rules generated by CloudSigma for the Azure Activity schema.
Production-ready Sigma rules generated by CloudSigma for the Entra ID Audit schema.
Production-ready Sigma rules generated by CloudSigma for the Entra ID Sign-in schema.
Production-ready Sigma rules generated by CloudSigma for the AWS CloudTrail schema.
Production-ready Sigma rules generated by CloudSigma for the ModSecurity schema.
Production-ready Sigma rules generated by CloudSigma for the Okta System Log schema.
Production-ready Sigma rules generated by CloudSigma for the Windows Security schema.
Production-ready Sigma rules generated by CloudSigma for the Windows Sysmon schema.