Merge pull request #2774 from frack113/splunk_win

Add missing WinEventLog prefix

tools/config/splunk-windows.yml

@@ -111,7 +111,7 @@ logsources:
     product: windows
     service: codeintegrity-operational
     conditions:
-      source: 'Microsoft-Windows-CodeIntegrity/Operational'
+      source: 'WinEventLog:Microsoft-Windows-CodeIntegrity/Operational'
   windows-smbclient-security:
     product: windows
     service: smbclient-security
@@ -126,11 +126,11 @@ logsources:
     product: windows
     service: firewall-as
     conditions:
-      source: 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'
+      source: 'WinEventLog:Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'
   windows-bits-client:
     product: windows
     service: bits-client
     conditions:
-      source: 'Microsoft-Windows-Bits-Client/Operational' 
+      source: 'WinEventLog:Microsoft-Windows-Bits-Client/Operational' 
 fieldmappings:
   EventID: EventCode