Detection rules › By event

Microsoft-Windows-Security-Auditing event 5137

10 detection rules reference this event. View event page.

Sigma (1)

Potential Kerberos Coercion by Spoofing SPNs via DNS Manipulation severity high T1557.003

Elastic (5)

Splunk (4)