20 Commits

Author SHA1 Message Date
Nasreddine Bencherchali 6407089a40 Change service to diagnosis scripted 2022-08-15 12:45:12 +01:00
Nasreddine Bencherchali d09037c9ad Add 2 New EventLog Sources: Microsoft-Windows-Shell-Core/Operational, Microsoft-Windows-Diagnosis-Scripted/Operational 2022-08-14 21:38:36 +01:00
Nasreddine Bencherchali f2bec5c6af Update provider + rules 2022-08-04 21:58:07 +01:00
Nasreddine Bencherchali a073590c2f Add Security-Mitigations-User Mode log 2022-08-04 13:44:55 +01:00
Florian Roth afa0d77025 refactor: adding new channel to all backends 2022-08-02 18:08:29 +02:00
Florian Roth 43f3a31d19 feat: new service definition - terminal services 2022-04-29 12:26:26 +02:00
frack113 53651cdd2f Add Bits-Client rules 2022-03-03 06:27:00 +01:00
frack113 8cfab22acb Add firewall-as basic rules 2022-02-19 10:18:49 +01:00
Florian Roth 9b7b48c0e6 Merge branch 'rule-devel' of https://github.com/SigmaHQ/sigma into rule-devel 2022-01-20 09:45:03 +01:00
Florian Roth 68f0cdf338 feat: new log channel windows-codeintegrity-operational (https://twitter.com/SBousseaden/status/1483810148602814466) 2022-01-20 09:44:36 +01:00
frack113 0828ff098f Fix windows-dns-server 2022-01-15 09:07:26 +01:00
Florian Roth 63f3fd7e73 config: add PrintService Operational 2021-07-01 09:55:15 +02:00
Florian Roth a49bfb14dd refactor: Admin log - not Operational 2021-06-30 14:22:40 +02:00
Florian Roth 26cfbb9c34 config: mapping for Microsoft SMBClient service - security 2021-06-30 14:16:26 +02:00
Florian Roth 8262a1d98b config: mappings for Microsoft print service 2021-06-30 14:09:44 +02:00
Florian Roth 9e287a1b89 feat: MSExchange Management log mapping 2021-03-20 08:49:59 +01:00
Pushkarev Dmitry 7fb2e2b845 Added AppLocker log source 2020-07-13 20:29:13 +00:00
j91321 ae842a65cb Windows Defender rules and logsource 2020-06-28 10:55:32 +02:00
Thomas Patzke 991108e64d Further proxy field name fixes (config + rules) 2019-12-07 00:23:30 +01:00
Thomas Patzke b9ff280209 Cleanup of configuration names 2019-07-14 00:50:15 +02:00