refactor: first bigger log source refactoring

see discussion here: https://github.com/SigmaHQ/sigma/discussions/2835

rules/web/web_apache_segfault.yml

@@ -8,7 +8,7 @@ references:
 date: 2017/02/28
 modified: 2021/11/27
 logsource:
-  product: apache
+  service: apache
 detection:
   keywords:
     - 'exit signal Segmentation Fault'

rules/web/web_apache_threading_error.yml

@@ -8,7 +8,7 @@ references:
 date: 2019/01/22
 modified: 2021/11/27
 logsource:
-  product: apache
+  service: apache
 detection:
   keywords:
     - '__pthread_tpp_change_priority: Assertion `new_prio == -1 || (new_prio >= fifo_min_prio && new_prio <= fifo_max_prio)'

rules/web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml

@@ -15,7 +15,6 @@ tags:
     - attack.persistence
     - attack.t1505.003
 logsource:
-    product: zoho_manageengine
     category: webserver
     definition: 'Must be collect log from \ManageEngine\ADSelfService Plus\logs'
 detection:

rules/web/web_nginx_core_dump.yml

@@ -8,7 +8,7 @@ references:
     - https://docs.nginx.com/nginx/admin-guide/monitoring/debugging/#enabling-core-dumps
     - https://www.x41-dsec.de/lab/advisories/x41-2021-002-nginx-resolver-copy/
 logsource:
-    product: apache
+    service: apache
 detection:
     keywords:
         - 'exited on signal 6 (core dumped)'