blue-team-tools/regression_data/rules/windows/sysmon/sysmon_config_modification/info.yml

id: 54f3ccdd-e1f9-4b9f-8dda-b1bdcb13d6ba
description: N/A
date: 2025-10-24
author: SigmaHQ Team
rule_metadata:
    - id: 8ac03a65-6c84-4116-acad-dc1558ff7a77
      title: Sysmon Configuration Change
regression_tests_info:
    - name: Positive Detection Test
      type: evtx
      provider: Microsoft-Windows-Sysmon
      match_count: 1
      path: regression_data/rules/windows/sysmon/sysmon_config_modification/8ac03a65-6c84-4116-acad-dc1558ff7a77.evtx