diff --git a/Crowdstrike/200850-crowdstrike.xml b/Crowdstrike/200850-crowdstrike.xml
index ff30197..6d9cce5 100644
--- a/Crowdstrike/200850-crowdstrike.xml
+++ b/Crowdstrike/200850-crowdstrike.xml
@@ -1,6 +1,7 @@
 <group name="crowdstrike,siemconnector">
   <rule id="200850" level="5">
     <field name="metadata.customerIDString">\.+</field>
+    <options>no_full_log</options>
     <description>CrowdStrike Alert - $(event.OperationName)</description>
   </rule>
   <rule id="200851" level="1">
@@ -16,6 +17,7 @@
   <rule id="200853" level="8">
     <if_sid>200850</if_sid>
     <field name="event.Severity">\.+</field>
+    <options>no_full_log</options>
     <description>CrowdStrike Alert - $(event.DetectDescription)</description>
   </rule>
 </group>