Rules by Product and UseCase

April 15, 2026 · View on GitHub

Vendor: Unix

Product: rsyslog

Use-Case: Malware

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
20110
Event TypeRulesModels
network-connection-failedTA0011 - TA0011
A-NET-TI-H-Outbound: Outbound connection to a known malicious host
A-NETF-TI-H-Outbound: Outbound failed connection to a known malicious host