Improve detection with Sigma Correlations 🧐
You can now use the Sigma Correlations format when creating rules!
This will allow you to build detection logic acting on more than one event using the following correlation types:
* Event Count: count the number of events matching some conditions
* Value Count: count the number of unique values in a field for events matching some conditions
* Temporal: look at a sequence of events occuring in the specified timeframe, optionally in order
⚡Just like any Sigma rule, Sigma Correlation rules are applied to the event stream in real-time.
Here is an example of a rule using Sigma Correlations:
![Example Rule using Sigma Correlations](BASE/products/901462981/changelog/9493/inline-1c2ed8877db868d150ed625263e76383.jpg)
If you want to learn more, have a look at the [documentation](https://docs.sekoia.io/operation_center/rules_catalog/#correlation)