{ "detections-page": { "id": "detections-page", "columns": [ { "columnHeaderType": "not-filtered", "id": "@timestamp", "initialWidth": 200 }, { "columnHeaderType": "not-filtered", "displayAsText": "Rule", "id": "signal.rule.name", "initialWidth": 180, "linkField": "signal.rule.id" }, { "columnHeaderType": "not-filtered", "displayAsText": "Severity", "id": "signal.rule.severity", "initialWidth": 105 }, { "columnHeaderType": "not-filtered", "displayAsText": "Risk Score", "id": "signal.rule.risk_score", "initialWidth": 100 }, { "columnHeaderType": "not-filtered", "displayAsText": "Reason", "id": "signal.reason", "initialWidth": 450 }, { "columnHeaderType": "not-filtered", "id": "host.name" }, { "columnHeaderType": "not-filtered", "id": "user.name" }, { "columnHeaderType": "not-filtered", "id": "process.name" }, { "columnHeaderType": "not-filtered", "id": "file.name" }, { "columnHeaderType": "not-filtered", "id": "source.ip" }, { "columnHeaderType": "not-filtered", "id": "destination.ip" } ], "defaultColumns": [ { "columnHeaderType": "not-filtered", "id": "@timestamp", "initialWidth": 200 }, { "columnHeaderType": "not-filtered", "displayAsText": "Rule", "id": "signal.rule.name", "initialWidth": 180, "linkField": "signal.rule.id" }, { "columnHeaderType": "not-filtered", "displayAsText": "Severity", "id": "signal.rule.severity", "initialWidth": 105 }, { "columnHeaderType": "not-filtered", "displayAsText": "Risk Score", "id": "signal.rule.risk_score", "initialWidth": 100 }, { "columnHeaderType": "not-filtered", "displayAsText": "Reason", "id": "signal.reason", "initialWidth": 450 }, { "columnHeaderType": "not-filtered", "id": "host.name" }, { "columnHeaderType": "not-filtered", "id": "user.name" }, { "columnHeaderType": "not-filtered", "id": "process.name" }, { "columnHeaderType": "not-filtered", "id": "file.name" }, { "columnHeaderType": "not-filtered", "id": "source.ip" }, { "columnHeaderType": "not-filtered", "id": "destination.ip" } ], "dateRange": { "start": "2021-09-08T18:30:00.000Z", "end": "2021-09-09T18:29:59.999Z" }, "deletedEventIds": [ ], "excludedRowRendererIds": [ "alerts", "auditd", "auditd_file", "library", "netflow", "plain", "registry", "suricata", "system", "system_dns", "system_endgame_process", "system_file", "system_fim", "system_security_event", "system_socket", "threat_match", "zeek" ], "expandedDetail": { }, "filters": [ ], "kqlQuery": { "filterQuery": null }, "indexNames": [ ".siem-signals-default" ], "isSelectAllChecked": false, "itemsPerPage": 25, "itemsPerPageOptions": [ 10, 25, 50, 100 ], "loadingEventIds": [ ], "selectedEventIds": { }, "showCheckboxes": true, "sort": [ { "columnId": "@timestamp", "columnType": "date", "sortDirection": "desc" } ], "savedObjectId": null, "version": null, "footerText": "alerts", "title": "", "activeTab": "query", "prevActiveTab": "query", "dataProviders": [ ], "description": "", "eqlOptions": { "eventCategoryField": "event.category", "tiebreakerField": "", "timestampField": "@timestamp", "query": "", "size": 100 }, "eventType": "all", "eventIdToNoteIds": { }, "highlightedDropAndProviderId": "", "historyIds": [ ], "isFavorite": false, "isLive": false, "isSaving": false, "kqlMode": "filter", "timelineType": "default", "templateTimelineId": null, "templateTimelineVersion": null, "noteIds": [ ], "pinnedEventIds": { }, "pinnedEventsSaveObject": { }, "show": false, "status": "draft", "initialized": true, "updated": 1631168731040 } }