Cleanup condition writing

Open frack113 opened this issue 1 year ago • 0 comments

Summary of the Pull Request

Cleanup condition writing. There is no detection change.

No change for :

=== Issues ===
issue=SigmahqOfselectionConditionIssue severity=low description=Rule contains 'All/X of ' with only 1 selection rule=\rules\windows\powershell\powershell_script\posh_ps_audio_exfiltration.yml selection=selection_header_*
issue=SigmahqOfselectionConditionIssue severity=low description=Rule contains 'All/X of ' with only 1 selection rule=\rules\windows\process_creation\proc_creation_win_node_abuse.yml selection=action_*

Changelog

chore: Cleanup condition

Example Log Event

Fixed Issues

SigmaHQ Rule Creation Conventions

If your PR adds new rules, please consider following and applying these conventions

$frack113 avatar$ May 11 '24 06:05 frack113