mirror of
https://github.com/valitydev/SigmaHQ.git
synced 2024-11-08 18:23:52 +00:00
12 lines
268 B
YAML
12 lines
268 B
YAML
title: Conversion of generic rules into Sysmon
|
|
order: 10
|
|
logsources:
|
|
process_creation:
|
|
category: process_creation
|
|
product: windows
|
|
conditions:
|
|
EventID: 1
|
|
rewrite:
|
|
product: windows
|
|
service: sysmon
|