CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'feature/sysmon3' of https://github.com/YamatoSecurity/YamatoEventAnalyzer into feature/sysmon3

Browse Source
This commit is contained in:
kazuminn
2020-11-01 16:07:49 +09:00
parent 52a165ea19 ea56104c0f
commit 42309b14be
2 changed files with 35 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/detections/detection.rs
View File

@@ -51,7 +51,7 @@ impl Detection {
&application.detection(event_id, &event.system, event_data);
} else if channel == "Microsoft-Windows-PowerShell/Operational" {
&powershell.detection(event_id, &event.system, event_data);
} else if channel == "Microsoft-Windows-Sysmon/Operational" {
} else if channel == "Microsoft-Windows-AppLocker/EXE and DLL" {
&sysmon.detection(event_id, &event.system, event_data);
} else if channel == "Microsoft-Windows-Applocker/Operational" {
&applocker.detection(event_id, &event.system, event_data);