refactor: first bigger log source refactoring

see discussion here: https://github.com/SigmaHQ/sigma/discussions/2835
2022-03-22 17:58:29 +01:00
parent a5281c0eaf
commit e91fc4486e
78 changed files with 103 additions and 106 deletions
@@ -1,33 +1,33 @@
 title: Microsoft 365 Rules
 order: 10
 logsources:
-    ThreatManagement:
+    threat_management:
        product: m365
-        category: ThreatManagement
+        service: threat_management
        conditions:
            eventSource: SecurityComplianceCenter
-    AccessGovernance:
+    access_governance:
        product: m365
-        category: AccessGovernance
+        service: access_governance
        conditions:
            eventSource: SecurityComplianceCenter
-    CloudDiscovery:
+    cloud_discovery:
        product: m365
-        category: CloudDiscovery
+        service: cloud_discovery
        conditions:
            eventSource: SecurityComplianceCenter
-    DataLossPrevention:
+    data_loss_prevention:
        product: m365
-        category: DataLossPrevention
+        service: data_loss_prevention
        conditions:
            eventSource: SecurityComplianceCenter
-    ThreatDetection:
+    threat_detection:
        product: m365
-        category: ThreatDetection
+        service: threat_detection
        conditions:
            eventSource: SecurityComplianceCenter
-    SharingControl:
+            sharing_control:
        product: m365
-        category: SharingControl
+    service: sharing_control
        conditions:
            eventSource: SecurityComplianceCenter