From 7ca66e1d8777e2a1c543e0b2b942e76c491373b4 Mon Sep 17 00:00:00 2001
From: DustInDark <nextsasasa@gmail.com>
Date: Mon, 20 Jun 2022 13:46:28 +0900
Subject: [PATCH] fixed referecne proveider name filed #359

---
 src/detections/detection.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/detections/detection.rs b/src/detections/detection.rs
index 3c9968bf..f32e686b 100644
--- a/src/detections/detection.rs
+++ b/src/detections/detection.rs
@@ -236,10 +236,13 @@ impl Detection {
         };
         let ch_str = &get_serde_number_to_string(&record_info.record["Event"]["System"]["Channel"])
             .unwrap_or_default();
+        let provider =
+            &get_serde_number_to_string(&record_info.record["Event"]["System"]["Provider Name"])
+                .unwrap_or_default();
         let eid = get_serde_number_to_string(&record_info.record["Event"]["System"]["EventID"])
             .unwrap_or_else(|| "-".to_owned());
         let default_output = DEFAULT_DETAILS
-            .get(&format!("{}_{}", ch_str, &eid))
+            .get(&format!("{}_{}", provider, &eid))
             .unwrap_or(&"-".to_string())
             .to_string();
         let detect_info = DetectInfo {