From fb9caa875c10648595bad144fc5111f174669867 Mon Sep 17 00:00:00 2001
From: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
Date: Wed, 4 Jan 2023 17:53:24 +0100
Subject: [PATCH] fix: other typos
---
 .../windows/powershell_suspicious_invocation_specific.yml | 2 +-
 .../powershell/powershell_script/posh_ps_susp_keywords.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/rules-deprecated/windows/powershell_suspicious_invocation_specific.yml b/rules-deprecated/windows/powershell_suspicious_invocation_specific.yml
index a4e817aaf..dcdaf67e1 100644
--- a/rules-deprecated/windows/powershell_suspicious_invocation_specific.yml
+++ b/rules-deprecated/windows/powershell_suspicious_invocation_specific.yml
@@ -11,7 +11,7 @@ modified: 2022/04/11
 logsource:
 product: windows
 service: powershell
- definition: Script block logging must be enabled for 4104, Module Logging must be enabled for 4103
+ definition: Script block logging must be enabled
 detection:
 convert_b64:
 - '-nop'
diff --git a/rules/windows/powershell/powershell_script/posh_ps_susp_keywords.yml b/rules/windows/powershell/powershell_script/posh_ps_susp_keywords.yml
index 84f0a2ad9..05a66e50b 100644
--- a/rules/windows/powershell/powershell_script/posh_ps_susp_keywords.yml
+++ b/rules/windows/powershell/powershell_script/posh_ps_susp_keywords.yml
@@ -16,7 +16,7 @@ tags:
 logsource:
 product: windows
 category: ps_script
- definition: 'Requirements: Script Block Logging must be enabled' for 4104
+ definition: 'Requirements: Script Block Logging must be enabled'
 detection:
 selection:
 ScriptBlockText|contains:
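Review bot: In `rules-deprecated/windows/powershell_suspicious_invocation_specific.yml` the new `definition` drops the Module Logging requirement, yet the logsource is still `service: powershell` (not `category: ps_script`) and the visible detection opens with an unnamed keyword list under `convert_b64`. A rule of that shape is presumably matched against every event in the PowerShell log, so module logging events may still contribute matches that a deployer reading the new text would not know to enable. Unless the rule is known to rely on script block events only, keep the requirement without the event IDs, e.g. `definition: Script block logging and Module Logging must be enabled`. The detection section continues outside the hunk, so this should be confirmed against the full rule; the commit subject describes a typo fix, but this line changes the stated telemetry requirement.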