Hello everyone, I’m currently working on a SIEM project. I have successfully collected logs from Suricata as part of the setup. Now, in this phase, I need to create a use case and test it. Could anyone provide an example of creating a use case and some scenarios?
Please describe a bit more what you are exactly looking for, it’s hard to tell by the short description you provided.