eb8f9a 2ab0582fd1 (win_susp_rundll32_activity.yml) Rule syntax error ...

es-dsl does not work properly because the rule syntax is not valid

https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/win_susp_rundll32_activity.yml

59 to 61 lines
     - CommandLine|contains|all:
       - 'syssetup.dll'
       - SetupInfObjectInstallAction'

should be like below
     - CommandLine|contains|all:
       - 'syssetup.dll'
       - 'SetupInfObjectInstallAction'

2021-12-23 10:09:51 +09:00

..

application

Change status for old rules

2021-11-27 11:33:14 +01:00

apt

Change status for old rules

2021-11-27 11:33:14 +01:00

cloud

feat: discourage the usage of 'all of them' and migrate existing rules to use the preferred method 'all of selection*'

2021-12-02 14:47:39 +01:00

compliance

fix field name

2021-11-23 18:47:42 +01:00

generic

Change status for old rules

2021-11-27 11:33:14 +01:00

linux

Update pattern

2021-12-10 16:45:42 +01:00

network

Merge branch 'master' into rule-devel

2021-11-29 11:00:25 +01:00

proxy

Update proxy_java_class_download.yml

2021-12-21 13:22:47 +01:00

web

typo

2021-12-16 12:12:37 -05:00

windows

(win_susp_rundll32_activity.yml) Rule syntax error

2021-12-23 10:09:51 +09:00