From 0400dc207a63bde4a68a9be162e64c4f80003c7c Mon Sep 17 00:00:00 2001
From: Samirbous <64742097+Samirbous@users.noreply.github.com>
Date: Thu, 15 Apr 2021 22:18:56 +0200
Subject: [PATCH] [Deprecation] Process Discovery via Tasklist (#1116)

* [Deprecation] Process Discovery via Tasklist

* deprecation_date

* update date

* Update rules/_deprecated/discovery_process_discovery_via_tasklist_command.toml

Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>

Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
---
 .../discovery_process_discovery_via_tasklist_command.toml   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename rules/{windows => _deprecated}/discovery_process_discovery_via_tasklist_command.toml (93%)

diff --git a/rules/windows/discovery_process_discovery_via_tasklist_command.toml b/rules/_deprecated/discovery_process_discovery_via_tasklist_command.toml
similarity index 93%
rename from rules/windows/discovery_process_discovery_via_tasklist_command.toml
rename to rules/_deprecated/discovery_process_discovery_via_tasklist_command.toml
index 06d24ad81..7225bf0c5 100644
--- a/rules/windows/discovery_process_discovery_via_tasklist_command.toml
+++ b/rules/_deprecated/discovery_process_discovery_via_tasklist_command.toml
@@ -1,7 +1,8 @@
 [metadata]
 creation_date = "2020/02/18"
-maturity = "production"
-updated_date = "2021/03/03"
+deprecation_date = "2021/04/15"
+maturity = "deprecated"
+updated_date = "2021/04/15"
 
 [rule]
 author = ["Elastic"]
@@ -42,4 +43,3 @@ reference = "https://attack.mitre.org/techniques/T1057/"
 id = "TA0007"
 name = "Discovery"
 reference = "https://attack.mitre.org/tactics/TA0007/"
-