- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Detect when a host is potentially infected with a cryptominer.
This rule compares the @network.client.ip
standard attribute to a curated list of cryptomining pools.
{{host}}
host should be contacting a cryptomining pool.Note You can use the signal sidepanel to assist with the initial investigation by looking at CPU utilization and processes to identify unauthorized activity.
restrictedToOrgs
settings, launching rule to all of production.