We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
Fix within field docs: use Go duration format instead of OpenSearch date math
docs: Update CEL function table, add CEL best practices, and include a YAML syntax note for filters.
docs: Add guidelines for when to use correlation versus simple triggers.
docs: Clarify `deduplicateBy`/`groupBy` field mapping, mutual exclusivity, and correlation operator usage in `Implementing-Rules.md`.
docs: Add .DS_Store to .gitignore.
Updated Implementing Rules (markdown)
docs: Add Tools Reference page and update Playground, Home, and Development Workflow documentation to integrate new utilities.
docs: Update terminology to replace `afterEvents` with `correlation` across all wiki pages for consistency.
docs: Remove redundant top-level headings from all wiki pages.
doc: Extract CEL overload documentation into a dedicated page and update all references.
docs: Add parameterized function syntax in `Advanced-Features` for clarity and consistency.
docs: Correct internal wiki links for Performance & Troubleshooting and CEL Overloads Guide.
Updated Performance Troubleshooting (markdown)
Updated Architecture Overview (markdown)
feat: Expand event schema, introduce new temporal CEL functions, and enhance filter steps with optional `where` conditions.
docs: Update `Advanced-Features` to clarify function type support, add field types column, and revise examples for consistency.
feat: Add list-based string comparison functions, new numerical comparison operators, and clarify type support for existing functions.
docs: clarify `delete` filter step's purpose, example, and `raw` field immutability.
docs: Update correlation rule examples and descriptions to use `{{.path}}` syntax for values.
docs: Clarify `raw` field protection and update sanitization guidelines to focus on removing temporary `log.*` fields for storage optimization.
feat: Extend the Standard Event Schema with new fields and update filter guidelines to protect the raw field for auditing.
docs: Revamp Components overview, expand architecture details, and refine plugin categorization.
docs: Refine rule definitions, introduce a standard event schema, and clarify filter steps.
feat: introduce EventProcessor Playground documentation, update Home page with a link, and add a .gitignore file.
docs: Update and expand monitoring health options to detail internal stats, system logs, and Prometheus/Grafana usage.
feat: expand grok filter step documentation with extensibility details, a comprehensive list of default standard patterns, and an updated example.
Swap rocket and building emojis for 'Getting Started' and 'Operations & Integration' headings.
docs: Add comprehensive wiki documentation for UTMStack, including best practices, troubleshooting, and development guides.
Updated End‐User Documentation (markdown)
Updated Documentation (markdown)