valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

config: thor - powershell classic

Browse Source
This commit is contained in:
Florian Roth 2021-07-02 14:14:48 +02:00
parent 03e2b9d376
commit ba94b8396c
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tools/config/thor.yml
View File

@ -176,6 +176,11 @@ logsources:
service: powershell
sources:
- "WinEventLog:Microsoft-Windows-PowerShell/Operational"
windows-classicpowershell:
product: windows
service: powershell-classic
sources:
- "WinEventLog:Windows PowerShell"
windows-taskscheduler:
product: windows
service: taskscheduler