security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
44ff9d154e2fdaed6d72efbf223e368fa55c7aac
blue-team-tools/tests/mapping-conditional-multi.yml
T
Thomas Patzke 44ff9d154e Increased test coverage for mapping corner cases
2018-10-16 14:53:12 +02:00

15 lines
349 B
YAML
Raw Blame History

title: Contional mapping with multiple targets
status: test
description: Logpoint configuration causes conditional mapping with multiple results
author: Thomas Patzke
logsource:
product: windows
service: security
detection:
selection:
EventID: 4624
SubjectAccountName: Test
condition: selection
fields:
- EventID
Reference in New Issue View Git Blame Copy Permalink