From 2f683b9ab79604228b4dfd5113467ab90b370457 Mon Sep 17 00:00:00 2001
From: frack113 <magicfrancois@gmail.com>
Date: Sat, 21 Aug 2021 10:00:48 +0200
Subject: [PATCH] fix powershell_clear_powershell_history error

---
 .../windows/powershell/powershell_clear_powershell_history.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/powershell/powershell_clear_powershell_history.yml b/rules/windows/powershell/powershell_clear_powershell_history.yml
index ff01b1534..430e93052 100644
--- a/rules/windows/powershell/powershell_clear_powershell_history.yml
+++ b/rules/windows/powershell/powershell_clear_powershell_history.yml
@@ -14,7 +14,7 @@ tags:
 logsource:
     product: windows
     service: powershell
-    definition:  4104 Script block logging must be enabled , 4103 Module Logging must be enabled
+    definition: 4104 Script block logging must be enabled , 4103 Module Logging must be enabled
 detection:
     selection_1:
         EventID: 4104