refactor: first bigger log source refactoring

see discussion here: https://github.com/SigmaHQ/sigma/discussions/2835
2022-03-22 17:58:29 +01:00
parent a5281c0eaf
commit e91fc4486e
78 changed files with 103 additions and 106 deletions
@@ -8,7 +8,7 @@ references:
    - https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations
 logsource:
  product: azure
-  service: azure.activitylogs
+  service: activitylogs
 detection:
    selection:
        properties.message: MICROSOFT.PORTAL/CONSOLES/WRITE