From 3c0d982d8fb2d2258144061639432d04eb96b1ca Mon Sep 17 00:00:00 2001
From: Justin Ibarra <brokensound77@users.noreply.github.com>
Date: Thu, 24 Sep 2020 16:27:16 -0500
Subject: [PATCH] [Rule Tuning] Mknod Process Activity (#276)

---
 rules/linux/linux_mknod_activity.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/linux/linux_mknod_activity.toml b/rules/linux/linux_mknod_activity.toml
index c0c47cf5a..9fbcaf82d 100644
--- a/rules/linux/linux_mknod_activity.toml
+++ b/rules/linux/linux_mknod_activity.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/02/18"
 ecs_version = ["1.6.0"]
 maturity = "production"
-updated_date = "2020/08/03"
+updated_date = "2020/09/09"
 
 [rule]
 author = ["Elastic"]
@@ -21,7 +21,7 @@ index = ["auditbeat-*", "logs-endpoint.events.*"]
 language = "kuery"
 license = "Elastic License"
 name = "Mknod Process Activity"
-references = ["https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem"]
+references = ["https://web.archive.org/web/20191218024607/https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem/"]
 risk_score = 21
 rule_id = "61c31c14-507f-4627-8c31-072556b89a9c"
 severity = "low"