From aecdabe4feefc70baa6b7b5c719f84c777f1fd94 Mon Sep 17 00:00:00 2001
From: DustInDark
Date: Sun, 19 Jun 2022 23:12:04 +0900
Subject: [PATCH] added test files in default_details.txt

---
test_files/config/default_details.txt | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 test_files/config/default_details.txt

diff --git a/test_files/config/default_details.txt b/test_files/config/default_details.txt
new file mode 100644
index 00000000..98830e96
--- /dev/null
+++ b/test_files/config/default_details.txt
@@ -0,0 +1,5 @@
+Provider, EID, Details
+Microsoft-Windows-PowerShell/Operational, 4104, '%ScriptBlockText%'
+Microsoft-Windows-Security-Auditing, 4624, 'User: %TargetUserName% | Comp: %WorkstationName% | IP Addr: %IpAddress% | LID: %TargetLogonId% | Process: %ProcessName%'
+Microsoft-Windows-Sysmon/Operational, 1, 'Cmd: %CommandLine% | Process: %Image% | User: %User% | Parent Cmd: %ParentCommandLine% | LID: %LogonId% | PID: %ProcessId% | PGUID: %ProcessGuid%'
+Service Control Manager, 7031, 'Svc: %param1% | Crash Count: %param2% | Action: %param5%'
\ No newline at end of file
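Review bot: The new file ends without a trailing newline (the `\ No newline at end of file` marker on the last hunk line), so the `Service Control Manager, 7031, ...` row is the only one not terminated like the others; adding the final newline keeps every row uniform for line-based readers and avoids a spurious diff on the next edit. The rows also put a space after each comma (`Provider, EID, Details`), so presumably the loader trims fields and strips the surrounding single quotes before substituting the `%Field%` tokens — worth confirming against the reader, since a strict CSV parser would keep the leading space and the quotes as part of the value. A one-line header comment describing the expected column format, if the reader tolerates comments, would help the next person adding a provider/EID row.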