From 79fcc5e9a7172f8887cd740152a8dcec080ae764 Mon Sep 17 00:00:00 2001 From: Aegide <43409914+Aegide@users.noreply.github.com> Date: Mon, 25 Apr 2022 21:10:31 +0200 Subject: [PATCH] Update README.md https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_susp_whoami.yml --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4da228152..450d53217 100644 --- a/README.md +++ b/README.md @@ -67,7 +67,7 @@ Florian wrote a short [rule creation tutorial](https://www.nextron-systems.com/2 1. Download or clone the repository 2. Check the `./rules` sub directory for an overview on the rule base 3. Run `python sigmac --help` in folder `./tools` to get a help on the rule converter -4. Convert a rule of your choice with `sigmac` like `./sigmac -t splunk -c tools/config/generic/sysmon.yml ./rules/windows/process_creation/win_susp_whoami.yml` +4. Convert a rule of your choice with `sigmac` like `./sigmac -t splunk -c tools/config/generic/sysmon.yml ./rules/windows/process_creation/proc_creation_win_susp_whoami.yml` 5. Convert a whole rule directory with `python sigmac -t splunk -r ../rules/proxy/` 6. Check the `./tools/config` folder and the [wiki](https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac) if you need custom field or log source mappings in your environment
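Review bot: the updated step 4 still mixes working directories with the surrounding steps, so the corrected rule name does not by itself make the command runnable. Step 3 has the reader in `./tools` and step 5 uses `../rules/proxy/` relative to that directory, while step 4 passes `tools/config/generic/sysmon.yml` and `./rules/windows/process_creation/proc_creation_win_susp_whoami.yml`, which only resolve from the repository root. Since the line is being touched anyway, consider making it consistent with step 5, e.g. `python sigmac -t splunk -c config/generic/sysmon.yml ../rules/windows/process_creation/proc_creation_win_susp_whoami.yml`, and invoking the converter as `python sigmac` like steps 3 and 5 rather than `./sigmac`.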