fix service from system to security for rule win_pcap_drivers.yml

2021-01-22 09:10:02 +01:00
parent efa39eb18d
commit e4edf7bc1b
1 changed files with 1 additions and 1 deletions
@@ -12,7 +12,7 @@ tags:
    - attack.t1040
 logsource:
    product: windows
-    service: system
+    service: security
 detection:
    selection:
        EventID: 4697