- This plugin was created and is maintained by a partner.
- Change log
For plugins not bundled by default, it is easy to install by running
bin/logstash-plugin install logstash-filter-threats_classifier. See Working with plugins for more details.
This plugin uses the cyber-kill-chain and MITRE representation language to enrich security logs with information about the attacker’s intent—what the attacker is trying to achieve, who they are targeting, and how they plan to carry out the attack.
Documentation for the filter-threats_classifier plugin is maintained by the creators.