关于“Chronicle SIEM: Multi Event Rules”的评价

Mafyul I. · 已于 11 months前审核

Kylie H. · 已于 11 months前审核

Arlan T. · 已于 11 months前审核

Nina R. · 已于 11 months前审核

Aziz S. · 已于 11 months前审核

GEETHA NAGA SRI LAKSHMI S. · 已于 11 months前审核

Sairam R. · 已于 11 months前审核

Nimeshi D. · 已于 11 months前审核

Himesh p. · 已于 11 months前审核

Sunami D. · 已于 11 months前审核

Prashant K. · 已于 11 months前审核

Alif F. · 已于 11 months前审核

Shivraj B. · 已于 11 months前审核

Aditya P. · 已于 11 months前审核

Shouvik M. · 已于 11 months前审核

Subham Maity G. · 已于 11 months前审核

Souvik D. · 已于 11 months前审核

Geetesh K. · 已于 11 months前审核

Ayub K. · 已于 11 months前审核

Nishant C. · 已于 11 months前审核

Tanmay C. · 已于 11 months前审核

Lekhit P. · 已于 11 months前审核

Sonalika s. · 已于 11 months前审核

In the last question it asks for you to filter out users with $user.graph.entity.user.department != "Information Technology". However, tim.smith is returned and is shown as being a member of Information Technology. So, both the example code and the example are wrong as they didn't filter out that user with the rule.

Andrew H. · 已于 11 months前审核

Anand B. · 已于 11 months前审核