From edf1740ec4e2d1ffaf729f7b523cb04902da9977 Mon Sep 17 00:00:00 2001
From: Austin Songer
Date: Thu, 22 Jul 2021 11:05:31 -0500
Subject: [PATCH] Update sysmon_dns_over_https_enabled.yml
---
 .../windows/registry_event/sysmon_dns_over_https_enabled.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml b/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
index 777261b3..feb47971 100644
--- a/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
+++ b/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
@@ -17,11 +17,11 @@ detection:
 selection1:
 TargetObject:
 - 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\BuiltInDnsClientEnabled'
- Details: 'DWORD (1)'
+ Details: 'DWORD (1)'
 selection2:
 TargetObject:
 - 'HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\DnsOverHttpsMode'
- Details: 'DWORD (secure)'
+ Details: 'DWORD (secure)'
 condition: selection1 or selection2
 falsepositives:
 - "Unlikely"
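Review bot: The changed line `Details: 'DWORD (secure)'` under selection2 looks unable to match, because Chrome's DnsOverHttpsMode is a string policy and Sysmon would log its data as plain text rather than wrapped in `DWORD (...)`; `Details: 'secure'` is the likelier value. In selection1, Sysmon normally renders DWORD data in hex, so `Details: 'DWORD (0x00000001)'` is worth checking against a real registry value-set event. Both TargetObject context lines also spell out `HKEY_LOCAL_MACHINE\`, whereas Sysmon abbreviates the hive to `HKLM\`, so a `TargetObject|endswith:` match on the path after the hive would be more robust. The rule continues outside this hunk, so the log source and any modifiers above line 17 are not visible here.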