Elastic × Kubernetes Audit
Production-ready Sigma rules generated by CloudSigma for the Kubernetes Audit schema.
10 SIEM × log-source combinations published in this batch. Every rule is generated and validated by CloudSigma; convert in-app to your specific dialect.
8 rules covering ATT&CK techniques on the Kubernetes Audit schema (8 pages).
3 rules covering ATT&CK techniques on the Linux auditd schema (3 pages).
20 rules covering ATT&CK techniques on the GCP Audit Logs schema (20 pages).
20 rules covering ATT&CK techniques on the Azure Activity schema (20 pages).
4 rules covering ATT&CK techniques on the Entra ID Audit schema (4 pages).
3 rules covering ATT&CK techniques on the Entra ID Sign-in schema (3 pages).
20 rules covering ATT&CK techniques on the AWS CloudTrail schema (20 pages).
6 rules covering ATT&CK techniques on the Okta System Log schema (6 pages).
2 rules covering ATT&CK techniques on the Windows Security schema (2 pages).
3 rules covering ATT&CK techniques on the Windows Sysmon schema (3 pages).
Production-ready Sigma rules generated by CloudSigma for the Kubernetes Audit schema.
Production-ready Sigma rules generated by CloudSigma for the Linux auditd schema.
Production-ready Sigma rules generated by CloudSigma for the GCP Audit Logs schema.
Production-ready Sigma rules generated by CloudSigma for the Azure Activity schema.
Production-ready Sigma rules generated by CloudSigma for the Entra ID Audit schema.
Production-ready Sigma rules generated by CloudSigma for the Entra ID Sign-in schema.
Production-ready Sigma rules generated by CloudSigma for the AWS CloudTrail schema.
Production-ready Sigma rules generated by CloudSigma for the Okta System Log schema.
Production-ready Sigma rules generated by CloudSigma for the Windows Security schema.
Production-ready Sigma rules generated by CloudSigma for the Windows Sysmon schema.