paulmataruso/main
1
0
Fork 0
mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-10-23 08:12:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml

Browse Source
This commit is contained in:
taylor_socfortress
2022-11-30 13:23:02 -06:00
committed by GitHub
parent 59d1c5d41e
commit 5fe8d5c6f1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Windows_Sysmon/MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml
View File

@@ -1167,6 +1167,8 @@
<mitre> <mitre>
<id>T1134</id> <id>T1134</id>
</mitre> </mitre>
<options>no_full_log</options>
<group>sysmon_event1,windows_sysmon_event1,</group>
</rule> </rule>
<!-- Rules 100600 - 100699: Correlation Rules --> <!-- Rules 100600 - 100699: Correlation Rules -->
<!-- Frequency rule to capture 3 sysmon event 1 Anomalies --> <!-- Frequency rule to capture 3 sysmon event 1 Anomalies -->