diff --git a/.github/workflows/sigma-test.yml b/.github/workflows/sigma-test.yml
index b86ff02ff..55b06a44e 100644
--- a/.github/workflows/sigma-test.yml
+++ b/.github/workflows/sigma-test.yml
@@ -12,6 +12,9 @@ on: # yamllint disable-line rule:truthy
       - master
       - oscd
+env:
+  EVTX_BASELINE_VERSION: v0.5
+
 jobs:
   test-sigma:
     runs-on: ubuntu-latest
@@ -42,10 +45,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Download evtx-sigma-checker
-        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/evtx-sigma-checker
+        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/evtx-sigma-checker
       - name: Download and extract Windows 7 32-bit baseline
         run: |
-          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/win7-x86.tgz
+          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/win7-x86.tgz
           tar xzf win7-x86.tgz
       - name: Remove deprecated rules
         run: 'grep -ERl "^status: deprecated" rules | xargs -r rm -v'
@@ -60,10 +63,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Download evtx-sigma-checker
-        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/evtx-sigma-checker
+        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/evtx-sigma-checker
       - name: Download and extract Windows 10 baseline
         run: |
-          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/win10-client.tgz
+          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/win10-client.tgz
           tar xzf win10-client.tgz
       - name: Remove deprecated rules
         run: 'grep -ERl "^status: deprecated" rules | xargs -r rm -v'
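Review bot: The new `env` block introduces `EVTX_BASELINE_VERSION` without saying what the tag refers to or what a bump implies, and every download in this workflow now hangs off this single value. A short comment above it would save the next maintainer a trip to the upstream repository, e.g. `# Release tag of NextronSystems/evtx-baseline; the evtx-sigma-checker binary and all baseline archives below are fetched from this release. Bump deliberately and re-check known-FPs.csv afterwards.` The plain scalar `v0.5` is safe as written (it cannot be mis-typed as a float because of the leading letter), so no quoting is needed.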
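Review bot: Pinning the download to `$EVTX_BASELINE_VERSION` fixes which release is fetched but not what is fetched: the `evtx-sigma-checker` binary on the `+` line of the first download step is pulled over plain `wget`, then made executable and run against the repository's rules in a later step (both visible in the new `check-baseline-win2022` job at the end of the diff), with no integrity check, and assets attached to an existing GitHub release can be replaced without the tag changing. Record the expected digest next to the version, e.g. `EVTX_CHECKER_SHA256: "<sha256 of evtx-sigma-checker from the release page>"` in the `env` block, and verify it before the `chmod +x` with `echo "${EVTX_CHECKER_SHA256}  evtx-sigma-checker" | sha256sum -c -` so a swapped binary fails the job instead of running. The same applies to the identical download steps in the hunks at `-60` and `-78` and in the new job, and to the `.tgz` baseline archives if the baseline itself is meant to be reproducible. Quoting the expansion as `"$EVTX_BASELINE_VERSION"` in each `run:` line would also match the quoting style the script already uses elsewhere.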
@@ -78,10 +81,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Download evtx-sigma-checker
-        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/evtx-sigma-checker
+        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/evtx-sigma-checker
       - name: Download and extract Windows 11 baseline
         run: |
-          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/latest/download/win11-client.tgz
+          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/win11-client.tgz
           tar xzf win11-client.tgz
       - name: Remove deprecated rules
         run: 'grep -ERl "^status: deprecated" rules | xargs -r rm -v'
@@ -91,3 +94,21 @@ jobs:
           ./evtx-sigma-checker --log-source tools/config/thor.yml --evtx-path Logs_Win11/ --rule-path rules/windows/ > findings.json
       - name: Show findings excluding known FPs
         run: ./.github/workflows/matchgrep.sh findings.json .github/workflows/known-FPs.csv
+  check-baseline-win2022:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Download evtx-sigma-checker
+        run: wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/evtx-sigma-checker
+      - name: Download and extract Windows 2022 baseline
+        run: |
+          wget --no-verbose https://github.com/NextronSystems/evtx-baseline/releases/download/$EVTX_BASELINE_VERSION/win2022-evtx.tgz
+          tar xzf win2022-evtx.tgz
+      - name: Remove deprecated rules
+        run: 'grep -ERl "^status: deprecated" rules | xargs -r rm -v'
+      - name: Check for Sigma matches in baseline
+        run: |
+          chmod +x evtx-sigma-checker
+          ./evtx-sigma-checker --log-source tools/config/thor.yml --evtx-path win2022-evtx/ --rule-path rules/windows/ > findings.json
+      - name: Show findings excluding known FPs
+        run: ./.github/workflows/matchgrep.sh findings.json .github/workflows/known-FPs.csv
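Review bot: The new `check-baseline-win2022` job repeats the three existing baseline jobs step for step; only the archive name (`win2022-evtx.tgz`) and the `--evtx-path` argument differ, so the next version bump, checksum step or rule-filter change becomes a four-place edit. A single job with `strategy.matrix.include` entries carrying the archive name and extracted directory, referenced as `${{ matrix.archive }}` and `${{ matrix.evtx_path }}`, would keep the four baselines in one place. The `Check for Sigma matches` step also silently assumes that the archive extracts to `win2022-evtx/`, which differs from the `Logs_Win11/` layout visible in the context lines above; a comment on the `tar xzf` line such as `# win2022-evtx.tgz extracts to win2022-evtx/ (layout differs from win11-client.tgz -> Logs_Win11/)` would make that assumption explicit.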
diff --git a/tests/check-baseline-local.sh b/tests/check-baseline-local.sh
index 4aeb592fc..484012ac6 100755
--- a/tests/check-baseline-local.sh
+++ b/tests/check-baseline-local.sh
@@ -69,7 +69,7 @@ wget --no-verbose --progress=bar --show-progress https://github.com/NextronSyste
 echo "Extract Windows 7 32-bit baseline events"
 tar xzf win7-x86.tgz
 echo
-echo "Check for Sigma matches in Windows 7 32-bit baseline (this takes at least 2 minutes)"
+echo "Check for Sigma matches in Windows 7 32-bit baseline"
 ./evtx-sigma-checker --log-source "${SIGMA}"/tools/config/thor.yml --evtx-path win7_x86/ --rule-path windows/ > findings-win7.json
 # Windows 10
@@ -91,6 +91,15 @@ tar xzf win11-client.tgz
 echo
 echo "Check for Sigma matches in Windows 11 baseline (this takes at least 6 minutes)"
 ./evtx-sigma-checker --log-source "${SIGMA}"/tools/config/thor.yml --evtx-path Logs_Win11/ --rule-path windows/ > findings-win11.json
+ Windows 2022
+echo
+echo "Download Windows 2022 baseline events"
+wget --no-verbose --progress=bar --show-progress https://github.com/NextronSystems/evtx-baseline/releases/latest/download/win2022-evtx.tgz
+echo "Extract Windows 2022 baseline events"
+tar xzf win2022-evtx.tgz
+echo
+echo "Check for Sigma matches in Windows 2022 baseline (this takes around 1 minute)"
+./evtx-sigma-checker --log-source "${SIGMA}"/tools/config/thor.yml --evtx-path win2022-evtx/ --rule-path windows/ > findings-win2022.json
 echo
@@ -104,6 +113,9 @@ echo "Windows 10:"
 echo
 echo "Windows 11:"
 "${SIGMA}"/.github/workflows/matchgrep.sh findings-win11.json "${SIGMA}"/.github/workflows/known-FPs.csv
+echo
+echo "Windows 2022:"
+"${SIGMA}"/.github/workflows/matchgrep.sh findings-win2022.json "${SIGMA}"/.github/workflows/known-FPs.csv
 echo
 read -p "Removing temporary directory ${TMP}. Press Enter to continue." -s
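Review bot: The first added line of the `-91,6 +91,15` hunk reads ` Windows 2022` with no leading `#` as rendered here, unlike the ` # Windows 10` section header in the previous hunk; if that is what the commit contains, bash will try to execute a command named `Windows`, print a "command not found" error, and abort the script if it runs under `set -e` (the script header is outside this hunk), so it should be `# Windows 2022`. Separately, the new `wget` line still fetches `releases/latest/download/win2022-evtx.tgz` while the workflow changed in this same commit pins every download to `$EVTX_BASELINE_VERSION`, so a local run will diverge from CI as soon as a newer baseline release is published; consider reading the tag from the same value, e.g. `wget ... https://github.com/NextronSystems/evtx-baseline/releases/download/"${EVTX_BASELINE_VERSION}"/win2022-evtx.tgz` with the variable defined near the top of the script (outside this hunk). The earlier Windows 7/10/11 downloads in this file appear to use `latest` as well and would need the same treatment.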