8000 Issues with feed source total indicator number mismatch and timestamp issue · Issue #9902 · elastic/integrations · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Issues with feed source total indicator number mismatch and timestamp issue #9902

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Gladsy7 opened this issue May 16, 2024 · 3 comments
Open

Issues with feed source total indicator number mismatch and timestamp issue #9902

Gladsy7 opened this issue May 16, 2024 · 3 comments
Labels
Integration:ti_threatconnect ThreatConnect (Partner supported) release-pending

Comments

@Gladsy7
Copy link
Gladsy7 commented May 16, 2024

  1. Seeing Issues with the total indicator number mismatch after the integration with elastic, compared to the actual number listed in TC. There was a total of 10 indicators missing from the actual number shown in TC.

  2. Timestamp Issues are seen after integration, seeing errors on Unable to display indicator information
    image
    with Elastic
@jvalente-salemstate
Copy link
Contributor

Is TC ThreatConnect? Or is this from a different integration?

The tables and JSON tables should still show your original document. I am seeing this from the M365 Defender integration (event data stream, for AlertInfo) and that is happening when the event.type is indicator without any indicator details.

@Gladsy7
Copy link
Author
Gladsy7 commented May 23, 2024

@jvalente-salemstate Yes TC is Threat Connect. Yea, no all the indicators.

@jvalente-salemstate jvalente-salemstate mentioned this issue Jun 7, 2024
Closed
@botelastic
Copy link
botelastic bot commented May 23, 2025

Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!

@botelastic botelastic bot added the Stalled label May 23, 2025
@andrewkroh andrewkroh added the Integration:ti_threatconnect ThreatConnect (Partner supported) label May 28, 2025
@botelastic botelastic bot removed the Stalled label May 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Integration:ti_threatconnect ThreatConnect (Partner supported) release-pending
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@andrewkroh @Gladsy7 @jvalente-salemstate
0