diff --git a/rules/windows/file_rename/file_rename_win_not_dll_to_dll.yml b/rules/windows/file_rename/file_rename_win_not_dll_to_dll.yml
index a6d1fa6d9..b0c358221 100644
--- a/rules/windows/file_rename/file_rename_win_not_dll_to_dll.yml
+++ b/rules/windows/file_rename/file_rename_win_not_dll_to_dll.yml
@@ -11,6 +11,7 @@ modified: 2022/10/07
 logsource:
     product: windows
     category: file_rename
+    definition: Use the WinEventLog:Microsoft-Windows-Kernel-File/KERNEL_FILE_KEYWORD_RENAME_SETLINK_PATH ETW source 
 detection:
     to_dll:
         TargetFilename|endswith: '.dll'
diff --git a/rules/windows/file_rename/file_rename_win_ransomware.yml b/rules/windows/file_rename/file_rename_win_ransomware.yml
index 3926f3b6e..1d395bda8 100644
--- a/rules/windows/file_rename/file_rename_win_ransomware.yml
+++ b/rules/windows/file_rename/file_rename_win_ransomware.yml
@@ -14,6 +14,7 @@ tags:
 logsource:
     product: windows
     category: file_rename
+    definition: Use the WinEventLog:Microsoft-Windows-Kernel-File/KERNEL_FILE_KEYWORD_RENAME_SETLINK_PATH ETW source 
 detection:
     selection:
         OriginalFilename|endswith: