Log examples found in 0610-win-ms_logs doesn't match

[Lopuiz]

Hi team,

I have noticed that the log examples found in 0610-win-ms_logs_rules.xml don't match their rules. It is due the fields providerName and channel aren't correct.

https://github.com/wazuh/wazuh-ruleset/blob/725a0155cfde0a849729d9d174f03e1453e31242/rules/0610-win-ms_logs_rules.xml#L37-L63

To match rules 63103, 63104 and 63105, the logs must have matched before rules 60000, 60002, 60007 and 63100.

First, rule 60002 doesn't mach these logs because field channel is Microsoft-Windows-Eventlog and not System. https://github.com/wazuh/wazuh-ruleset/blob/725a0155cfde0a849729d9d174f03e1453e31242/rules/0575-win-base_rules.xml#L31-L36

Then, rule 60007 also doesn't match because field providerName is Microsoft-Windows-Eventlog and not Eventlog. https://github.com/wazuh/wazuh-ruleset/blob/725a0155cfde0a849729d9d174f03e1453e31242/rules/0575-win-base_rules.xml#L66-L71

We should research if it happens for all Windows Eventlog logs.

Best regards, Eva