Rule Optimization
Loading rule data...
Total Rules Tracked
7
Noisy Rules (>40% FP)
6
Auto-Disabled
2
Recommendations Pending
7
Noisy Rules
| Rule ID | Rule Name | FP 7d | FP 30d | FP 90d | Triggers | Recommendation |
|---|---|---|---|---|---|---|
| R-1042 | Excessive Failed Logins | 72% | 68% | 55% | 3,420 | Tune |
| R-1087 | Suspicious PowerShell Download | 64% | 58% | 51% | 1,890 | Tune |
| R-1123 | Outbound DNS to Rare TLD | 89% | 85% | 78% | 5,210 | Disable |
| R-1156 | Service Account Interactive Login | 45% | 48% | 42% | 980 | Exclude |
| R-1201 | Large File Upload to Cloud Storage | 58% | 52% | 47% | 2,100 | Tune |
| R-1245 | Registry Run Key Modification | 91% | 88% | 82% | 7,800 | Disable |
| R-1289 | Network Scan Detected | 35% | 40% | 38% | 650 | Exclude |
Auto-Tune Controls
Sigma Transpiler
Target SIEMs:
Transpiled output will appear here
Auto-Tune Audit Log
| Timestamp | Mode | Rules Reviewed | Rules Disabled |
|---|---|---|---|
| Feb 28, 2026, 02:32 PM | live | 48 | 3 |
| Feb 25, 2026, 09:15 AM | dry-run | 48 | 5 |
| Feb 20, 2026, 11:00 AM | live | 45 | 2 |
| Feb 15, 2026, 04:45 PM | dry-run | 45 | 4 |