Use Case Explorer Filters

Use these filters in the example script to download a Use Case Explorer report in CSV format.

Rule Tests

Log source

Log source type

Log source group

Other tests: Ariel search

Other tests: Domain

Rule name

Rule enabled: True

Rule

Type: Events

Origin: System

Rule category: Custom rule

Group: Amazon AWS

Group: Botnet, Category Definitions (Multiple filter selection)

Action: Event is part of an offense

Response: Email

Tactic: Collection

Technique: Data Obfuscation

Mapping confidence: High

Mapping enabled: True

Tactic: Initial Access, Impact (Multiple filter selection)