Hello there,
Actually as a SOC Analyst L1, I’m reaching out for some advice on tuning three OpenSearch alerts I’m seeing: ‘POSSIBLE DNS TUNNELING,’ ‘HIGH DNS REQUESTS RATE,’ and ‘HIGH DNS BYTES OUT.’
Your help is so appreciated there.
Regards.
Hello there,
Actually as a SOC Analyst L1, I’m reaching out for some advice on tuning three OpenSearch alerts I’m seeing: ‘POSSIBLE DNS TUNNELING,’ ‘HIGH DNS REQUESTS RATE,’ and ‘HIGH DNS BYTES OUT.’
Your help is so appreciated there.
Regards.