Update 200200-osquery.xml

2025-10-31 03:43:32 +00:00 · 2023-02-07 10:59:42 -06:00
parent 69582a0eb8
commit 36303c9f58
1 changed files with 1 additions and 1 deletions
--- a/Osquery/200200-osquery.xml
+++ b/Osquery/200200-osquery.xml
@@ -417,7 +417,7 @@
  <group>bpf_process_events,</group>
  </rule>
-  <rule id="200272" level="12">
+  <rule id="200272" level="10">
  <if_sid>200223</if_sid>
  <field name="columns.cmdline">chage|passwd</field>
  <field name="columns.cmdline">--list|-l|-S|--status</field>