From 83f6f86c296dd3d50f5a20d01dd8e2a9d59e3406 Mon Sep 17 00:00:00 2001
From: Kazuminn <warugaki.k.k@gmail.com>
Date: Tue, 13 Oct 2020 17:18:57 +0900
Subject: [PATCH] =?UTF-8?q?whitelist=E8=AA=AD=E3=81=BF=E5=8F=96=E3=82=8A?=
 =?UTF-8?q?=E6=A9=9F=E6=A7=8B=E3=81=AB=E9=96=A2=E9=80=A3=E3=81=97=E3=81=9F?=
 =?UTF-8?q?=E3=83=90=E3=82=B0=E3=83=95=E3=82=A3=E3=83=83=E3=82=AF=E3=82=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/detections/powershell.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/detections/powershell.rs b/src/detections/powershell.rs
index 0737c34e..514ea118 100644
--- a/src/detections/powershell.rs
+++ b/src/detections/powershell.rs
@@ -52,7 +52,7 @@ impl PowerShell {
         if path == "".to_string() {
             let commandline = event_data.get("ScriptBlockText").unwrap_or(&default);
             if commandline.to_string() != default {
-                utils::check_command(4104, &commandline, 1000, 0, &default, &default, rdr);
+                utils::check_command(4104, &commandline, 1000, 0, &default, &default);
             }
         }
     }