From c2f3ee25a88d592a2ca07e8d588f8c2e68f171c8 Mon Sep 17 00:00:00 2001 From: Thomas Patzke Date: Tue, 10 Jan 2017 22:32:55 +0100 Subject: [PATCH] Fixed single quote balance --- windows/builtin/susp_eventlog_cleared.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/builtin/susp_eventlog_cleared.yml b/windows/builtin/susp_eventlog_cleared.yml index 42c65e1f9..6be4f95a8 100644 --- a/windows/builtin/susp_eventlog_cleared.yml +++ b/windows/builtin/susp_eventlog_cleared.yml @@ -1,5 +1,5 @@ description: Eventlog Cleared -comment: Some threat groups tend to delete the local 'Security'' Eventlog using certain utitlities +comment: Some threat groups tend to delete the local 'Security' Eventlog using certain utitlities detection: selection: - EventLog: Security @@ -10,4 +10,4 @@ detection: falsepositives: - Rollout of log collection agents (the setup routine often includes a reset of the local Eventlog) - System provisioning (system reset before the golden image creation) -level: 70 \ No newline at end of file +level: 70
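Review bot: the rewritten `comment:` line in the first hunk still carries the typo "utitlities". Since the line is already being changed for the quote fix, correct it to "utilities" in the same commit so the rule text does not need a second touch.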
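Review bot: the second hunk, at `level: 70`, changes nothing but the missing newline at end of file, and the subject "Fixed single quote balance" does not mention it. Note the whitespace fix in the commit message, or split it into its own commit, so a later blame on the `level` line does not suggest the value itself was changed here.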